Steps taken by Income Tax Department for safeguarding tax payers from Phishing
email
Government of India Ministry of Finance Department of Revenue Central Board of Direct Taxes
PRESS RELEASE
New Delhi,
5th February, 2016
Sub:– Steps taken by Income Tax Department for safeguarding taxpaye rs from Phishing email - regarding
The Income Tax
Department has been at the forefront of using technology in implementing its –
e-Governance initiatives. Most of its routine communication to taxpayers is through email and SMS. Therefore, the Department is very sensitive and alert to attempts made by fraudsters to spoof the Department’s identity
to send phishing
emails. To ensure that taxpayers are aware that
the
Department does not seek any confidential or financial information of the taxpayer over
email,
the below mentioned
advisory has been prominently displayed on the national website:
“The Income Tax Department NEVER asks for your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts through
e-mail.
The Income Tax Department appeals to
taxpayers NOT to respond to
such e-mails and NOT to
share information relating to their credit card,
bank and other financial accounts.”
The Do’s and Don’t’s to ensure that the gullible taxpayers do not inadvertently play into the
hands
of fraudsters are
clearly mentioned
on the
website:
http ://www. inco meta xind ia. go v. in/Pa ges/report-phishing.asp x. All taxpayer reports of phishing
emails
are
forwarded
to inc ide nt@ce rt- in.org. in which is
a
Government
of India
agency mandated to fight against such threats.
Further, the Department has implemented
best practices such
as SPF (Sender
Policy Framework),
DKIM (Domain Keys
Identified
Mail) and
DMARC (Domain-based
Message Authentication,
Reporting
& Conformance) for
its email domains.
Use of these protocols
enables the e-mail receiver domains such
as Gmail, Yahoo, Hotmail etc to determine whether or
not
a received e- mail is actually from the defined sender such as the Department and block phishing emails from reaching the taxpayer.
Taxpayers are advised to follow these simple checks if they do receive any email purporting to
be from the Income Tax Department:
Check for the domain
name care fully. Fake emails
will
have misspelt or
incorrect
sounding
variants of websites of the Income Tax Department. Check the message header – for example in Gmail it can be viewed by selecting the
option ‘Show Original’.
Do not open
such emails
in spam or junk folder
and do
not
reply to
such emails. Do not open
any attachments.
Attachments
may contain malicious code.
Do not
click on any links.
Even if
you
have clicked on links
inadvertently in a
suspicious e- mail or phishing website then do not enter confidential information like bank account, credit card details.
Do not cut and paste the link from the message into your browsers.
Forward the phishing emails to inc ide nt@ce rt- in.org. in with a request to examine and block the sender.
Use anti-virus
software, anti spyware, and a firewall
and keep
them updated.
Income Tax Department is committed to encouraging taxpayers to engage with it electronically by following
safe and best practices.
(Shefali Shah)
Pr. Commissioner of Income Tax (OSD) Official Spokesperson, CBDT
No comments:
Post a Comment