How many of my readers are aware of Digital India campaign? Yes, I am sure just about everyone has come across the government’s active effort to ensure India is ready for the future. It aims to make the majority of the government services available to every citizen, and online filing or e-filing of income tax returns is one such service many benefit from. It is simple, quick and convenient, and even offers special provisions for those who have missed the deadline. You probably are familiar with the system and have been using it over the past few years to file your returns.
However, there is one small hitch; cyber criminals are trying to leverage this to launch phishing attacks on unsuspecting users in an attempt to exploit them. Scammers dupe unsuspecting victims to part with their bank details and passwords through emails purportedly from the IT Department, and siphon off money from their accounts. Or, they may simply steal identity details and misuse them. It is therefore necessary to know how to identify a genuine email from the IT Department (check address, logo, content, grammar, salutation).
To state a common example, hackers send emails confirming returns and ask you to click on a link to fill in details like bank account number, password, date of birth etc., to process the return. Others scams include the “Income Tax Receipt” and “Verify PAN details”. The recent W-2 phishing attacks in the US are examples of scams where the TDS details of several employees were obtained via phishing. Taking cognizance of the rise in cyber frauds related to e-filing, the Department of Income Tax issued an advisory to protect unsuspecting users from phishing scams, in which it is clearly stated,
“The Income Tax Department NEVER asks for your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts through email.”
Here are a few suggestions to make your entire e-filing experience a smoother and safer one.
- File way before deadline: You got to pay it, so pay up in time. If you delay and then have less time to complete the procedure, you will hurry and in the process may become less cautious.
- Share personally identifiable documents with care: Be careful of who you share your identity documents with, including photocopies of your PAN and Aadhaar cards. These can be misused to create false identity
- Do not trust links or zip files sent via e-mails: Do not open zip files or click on links even if the mail appears to be from the Department of Income Tax. If you want to know your refund status, check on the official website using your personal login credentials
- Ads can be misleading: No free lunches, remember? An advertisement that offers to make the whole e-filing process seem like a cakewalk may actually be a phishing attempt. Consult a tax advisor or a trusted friend, but not an unverified site.
Smell something fishy? It probably is: You will never be asked to share your net banking password, email login details or your PIN while e-filing. Sound the mental alarm if any website asks for these. Though your email service will offer spam filter, hackers are becoming smarter. They are designing mails that look very authentic to penetrate your trust. I am sure that by now you all are using the amazing free tool McAfee WebAdvisor from McAfee. Follow its advice on secure and suspicious sites to be better protected from online scams. The Department of Income Tax, Government of India, advises users to “Use anti-virus software, anti-spyware, and a firewall and keep them updated.”
While tax season is a particularly vulnerable time, security risks exist year-round. In order to prevent private information getting into the wrong hands, choose security options that are easy to use and mobile-friendly. Don’t let Tax, Tax your security 😉