Phishers Guarantee Early Tax Refund to Scam People

Receiving income-tax refund immediately is a great thing, but excessive hurry to receive the refund cheque may leave users in danger. Considerably, this time, phishers have imitated the Reserve Bank of India's website as a trick for a tax refund scam, as reported by The Times of India on June 01, 2011.

The phishing website targets at attracting users by informing that, the bank would take complete responsibility for depositing the refund money to the user's private bank account. The user is encouraged to chose the name of the bank and provide the customer ID and password. This fake e-mail provides a list of 8 banks to select from.

The website includes the logo of RBI as well as the name. It has also been displayed on the website that the users will receive their tax refund money deposited into their private bank accounts.

The subsequent page asks for the credit/debit card number and PIN number of the users. Once these details are furnished, the phishing website shows a message informing that the request for the tax refund has been successfully accepted. Afterwards, the user is then directed to the legal website of the Reserve Bank of India.

Commenting on the matter, Gaurav Kanwal from Symantec stated that, Symantec has been in regular touch with the RBI. He highlighted that, the bank has informed them that, the e-mails dispatched in its name to clients had been observed requesting for bank account details. The RBI has cleared that, these e-mails have not been sent by the bank and that the RBI or any bank never issues e-mails or other forms of communications requesting for personal bank account information for any objective. He further highlighted that, the RBI has requested the public to not reply to such fake e-mails and not disclose their bank account details to anyone for any objective, as reported by DNA on May 28, 2011.

Kanwal further added that, nevertheless, netizens should adopt best practices to avoid being victimized to phishing attacks. These include not clicking on apprehensive links in e-mail messages, not offering any private information while responding to an e-mail, never furnishing private details in a pop-up screen, and regularly updating the security software, which provides safety against online phishing, as reported by The Times of India on June 01, 2011.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 6/7/2011