Tag Archives: phishing

Tax Refund Phishing Alert and 5 Tips to avoid being Phished

Just a quick warning to folks reading this that there’s a Phishing email doing that looks like it’s from the Indian Tax Department is doing rounds. The email text reads


Averse that some of us have become to reading the complete text I clicked the link that took me to


and it was only when I saw the card number and card verification number that it occurred to me something’s not right here. On close examination things started to fall out of place. This page is a cleverly devised one and can make a lot of people fall for it unless they are alert enough. The right side pane have links to actual sites and the look is a complete rip off from an official site. While this might be a clever attempt it isn’t perfect and here’s why(keep this things in mind for similar situations)

1) Asking for Card Number and/or Pin: If anyone needs to transfer money to you, all they need is your name, your bank account number and branch. There isn’t any need for a credit/debit card number and pin

2)  Non Clickable Icons/Links: On trying to find where various links on the sites are pointing out I realized that left pane is just an image and not an html section with actual links, the same holds true for the footer which looked genuine but is just an image

3) Generic Name: On a closer look you’ll realize  that all the text from email to the web page is not being addressed to you or anyone in particular. It’s just a generic text like ‘Dear Applicant’ and a silly ‘Dear Income Tax Department of India customer’  for email

4) URL: The site URL could be a great pointer in Phishing cases and the URL here (http://indiataxrefdep.com/folder/) reveals that something isn’t right here. When was the last time you accessed a government site which had ‘folder’ in it’s url?  Also, aren’t government sites on the ‘.gov.in’ domains?

5) Email Sender: It’s really important to check the sender email id of such emails(which I didn’t check in the first place to be honest). On second thoughts a quick look at the email id would have cleared all doubts, the sender email was ‘fihktr@yahoo.com’. Yes, an Income Tax Department email coming from a yahoo mail id.

These five tips should be helpful in figuring out if an email is a Phishing attempt or not. Feel free to add more points to the list.

I had written a similar post to avoid being Phished on Facebook, you can read it here

Phishing Attempt on Phone ?

A little while back my younger brother handed over my phone to me and said, there’s a missed call. I looked the number and it wasn’t from someone I knew, curious I called back. Here’s a transcript of what followed

Guy(on phone): Hanji Bhaiya (Hello)
Me: Kaun bol raha hai (whose this?)

Guy(on phone):
Bhaiya aaj se 10-11 saal pehle Gujrat mein jo bhukamp aaya tha na, wahan mein khudayi karta tha aur wahan mujhe zameen ke 6ft neeche 4 sone ke biscuit mile hain jo mein apne gaun le aaya hun rajasthan mein. Inko bech do, aadhe aadhe paise mein.( While digging the place in Gujarat where there was an earthquake about 10-11 years back I found four gold biscuits. I have brought them along to my village in Rajasthan, sell them for half price)
Me(Clueless): aapko mera number kaise mila? (How did you get my number?)

Guy(on phone): Bhaiya Billu naam ka driver hai Dilli mein, usne aapka number diya hai. Mein aapse paise nahi maang raha hai, aap mujhse mil lo aur yeh sona bech do.(I got your number from a driver named “Billu” from  Delhi, I am not asking for money, I just want you to meet me and sell this gold)
Me: Theek hai main aapse kal baat karta hun(I’ll talk to you tomorrow)

Did I just experience world’s first phone phishing attempt ?

3 really simple checks to avoid being phished

Ishaan sent you a message.

Subject: Hello

“www vingers(enter dot)ru”

Sharma sent you a message.

(no subject)

“tinyurl[dot]com/pofb3m/, 937824”

Raghav sent you a message.

(no subject)

“tinyurl[dot]com/pofb3m/, 974785”

Ujwal sent you a message.

Subject: ilikez.ru

“Look at this”

Rob sent you a message.

Subject: ilikez.ru

“Look at this”

If you are a decently networked Facebook user, you too must’ve received lots of messages like above from your Facebook friends. It’s really surprising(and disturbing) how much people have fallen for these attacks. I am particularly intrigued by a lot of my friends falling for it. Call me what ever but falling for attacks like these shows lack of some basic understanding about websites and security.

Here are a few pointers to be kept in mind to avoid such phishing incidents

1) Always check the target URL of the hyperlink in emails/messages etc.
This can be done by simply hovering/pointing mouse at the hyperlink. For ex: “Hey check out my new blog” might look like a genuine message from a friend but you can make out(mostly) if it’s real or fake by checking out the target url, which in this case is http://phishyblog.com i.e fake.

2) Always check the URL of the site before entering your credentials.
It’s naive to assume that the site that you were pointed to from an email/message which looks like your favorite site is that site indeed. By virtue of your experience and hunch you can mostly make out if the site is real or fake but checking the URL before entering your credentials is still the safest way to avoid being phished.

3) Always look out for context
I know it’s the hardest one to implement but you need to learn to be cautious about any message containing a hyperlink that doesn’t have a context. In case you’ve noticed all the messages posted above don’t have any context what so ever and thus should be approached with caution.

This  list could go on and on but lets keep it simple so that it’s easy to remember and share.

Did you too get phished ? If not, what saved you ?