Just a quick warning to folks reading this that there’s a Phishing email doing that looks like it’s from the Indian Tax Department is doing rounds. The email text reads
Averse that some of us have become to reading the complete text I clicked the link that took me to
and it was only when I saw the card number and card verification number that it occurred to me something’s not right here. On close examination things started to fall out of place. This page is a cleverly devised one and can make a lot of people fall for it unless they are alert enough. The right side pane have links to actual sites and the look is a complete rip off from an official site. While this might be a clever attempt it isn’t perfect and here’s why(keep this things in mind for similar situations)
1) Asking for Card Number and/or Pin: If anyone needs to transfer money to you, all they need is your name, your bank account number and branch. There isn’t any need for a credit/debit card number and pin
2) Non Clickable Icons/Links: On trying to find where various links on the sites are pointing out I realized that left pane is just an image and not an html section with actual links, the same holds true for the footer which looked genuine but is just an image
3) Generic Name: On a closer look you’ll realize that all the text from email to the web page is not being addressed to you or anyone in particular. It’s just a generic text like ‘Dear Applicant’ and a silly ‘Dear Income Tax Department of India customer’ for email
4) URL: The site URL could be a great pointer in Phishing cases and the URL here (http://indiataxrefdep.com/folder/) reveals that something isn’t right here. When was the last time you accessed a government site which had ‘folder’ in it’s url? Also, aren’t government sites on the ‘.gov.in’ domains?
5) Email Sender: It’s really important to check the sender email id of such emails(which I didn’t check in the first place to be honest). On second thoughts a quick look at the email id would have cleared all doubts, the sender email was ‘fihktr@yahoo.com’. Yes, an Income Tax Department email coming from a yahoo mail id.
These five tips should be helpful in figuring out if an email is a Phishing attempt or not. Feel free to add more points to the list.
I had written a similar post to avoid being Phished on Facebook, you can read it here
i recently received the mail that u are talking abt here pal . thanks that i used ur post to confirm .
the mail came from nmsfdm@aol.com .
http://indiataxrefdep.com/folder/
Domain Name………. indiataxrefdep.com
Creation Date…….. 2009-10-16
Registration Date…. 2009-10-16
Expiry Date………. 2010-10-16
Organisation Name…. Shirley Benjamin
Organisation Address. PO Box 61359
Organisation Address.
Organisation Address. Sunnyvale
Organisation Address. 94088
Organisation Address. CA
Organisation Address. US
is the whois information and this is clearly an attempt to phishing .
Tax Refund Phishing Alert and 5 Really Simple Tips to Avoid Being Phished: http://bit.ly/4gwqcj #basic
This comment was originally posted on Twitter
Hey man this is really weird.
Shouldn’t we do something to ban this site .
On search i came across the following link http://www.ic3.gov/default.aspx. I think we should file a complain .
Tax Refund Phishing Alert and 5 Tips to avoid being Phished …: 1) Asking for Card Number and/or Pin: If anyone.. http://bit.ly/2kZoxO
This comment was originally posted on Twitter
Thanks dude for posting this. Looks like tons of people are getting conned into this shite!
@Deepan: Thanks for sharing the info
@Samrat: Though I reported the email as a phishing attempt in gmail, I am not sure how to ban/report the site.
@Rajiv: Ya, please spread the word to avoid people getting phished