Scamsters using I-T Dept website to dupe people: experts
Cyber experts have warned Internet users of phishing scamsters who are luring people with government domain names and sending unscrupulous e-mails to collect financial and personal information.
Mail boxes of people are being hit by an e-mail sent from "ref.init@incometaxindia.gov.in", informing them of a tax refund pending with the department which can be collected by entering their financial and bank-related information by clicking on a given hyperlink in the mail.
The Income Tax Department's web link also has the address "www.incometaxindia.gov.in." which gives the scamsters' email a genuine image and even prompts people to share the information.
One such mail was received by Lucknow-based Arun which read, "We have reviewed your tax fiscal payment for previous years and have resolved that you are qualified for a refund of the sum of Rs 34,120.05 which is your accumulated tax excesses. Please submit a tax refund request and allow us to process it within 10 working days."
Arun was taken aback as he is a student. "It seemed like a fraud because being a student I don't file any income tax returns. So how can I be eligible of a refund?"
According to private cyber security firm XCySS, such e-mails show that the department had not properly secured its server.
Mukesh Saini, chairman of the firm, said, "It seems that the website has an open proxy domain which allows anyone to assume the name of the Income Tax Department domain and send mails from it and it can be changed if the mandarins of the department instruct their service providers."A senior I-T Dept official said, "The Income Tax Department does not request detailed personal information through e-mail. It does not send e-mail requesting your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts."
The official said if someone received an e-mail or found a website to be pretending of the I-T Dept, the e-mail or website URL could be forwarded to phishing@incometaxindia.gov.in with a copy to incident@cert-in.org.in.
He said that they have already intimated the CERT-In, the nodal Central agency for computer security incidents in the country under the Ministry of Communication and Information Technology, and it is trying to trace and detect such malware.
"We issue routine advisories when we find that a number of fake and unscrupulous emails invade the Internet users. Such fake emails should be forwarded to the official CERT-In email ID," a security analyst from a government agency said.
"This is a very serious mistake on part of the I-T Dept and service providers which are maintaining their servers. There are some settings which need to be done in the the server on which the web site of the department of hosted," Saini said.
According to Saini, a former Naval commander, open proxy can be misused for sending notices, if not phishing messages, and extortions can be made by unscrupulous elements.
The CERT-IN web site also says that open proxies are major sources of spam and and are also used to launch attack on other systems.
