Last year in October, there were many incidents reported about the phishing e-mails asking for bank account number, expiry dates, CVN, ATM pin and other account holder details for filing Income Tax refund online. However these were only random attacks, and it was mere an indication of a future attack at a very large scale. The cyber fraudsters tested their phishing sites and disappeared for some time. Some security experts predicted (no names) that the similar phishing attacks may occur in the near future and the media highlighted them like they made the century’s biggest invention.
Seriously, with all due respect to senior security researchers (with fancy designations) there is no need of such predictions cause most of us are aware that the fake sites are always out there, there is nothing new about it. Anyways`
This year, the fraudsters executed the phishing attack at a large scale. Collecting Indian e-mail addresses from SPAM mail vendors is not a big deal. What makes me worried is that even the Indian tech savvy people still mention their e-mail address openly on forums and social media networks that makes life easier for online fraudsters to execute targeted scams. People still don’t use SPAM filters and the usual chain mails gets over whelming response.
There is no reason for not being targeted by the online fraudsters, and the media makes situation even worse. The Indian media is so twitchily involved in highlighting any cyber related news that most of the tax-payers have fear of filing e-return on even the legitimate website of Income-Tax department of INDIA. All I can say to our antagonistic prime time Media is to, go get some rest.
India has a tax paying population of 31.5 million and the number is supposed to increase significantly in the coming years. Looking at the number, there is no doubt about the similar phishing attacks happening in future and that’s obvious. All we need is Security awareness about the online scams and attention to our online identities.
I sometimes wonder why the government is not able to focus on the Identity Protection law, well that’s unarguably explicable cause the government is still busy and struggling with the women reservation bill (opposition demands for categorizing women rights as per their caste and religion) and Nuclear treaties with the United States. Hell, they are up to something way important then the security of the citizens.
But why do we wait for the Identity Protection Law, why not take some initiatives, after all it’s the matter of our own security. So the Next time you get such a scam mail, repeat it with me, “I am not entertaining the e-mails that I don’t know, I will not reveal my account information, just like that”
Following are some of the snapshots you should have a look at:
SCAM e-mail
You will be redirected to the following phishing site on clicking the link in the e-mail above.
The Online Tax Refund Form has all the fields compulsory to be filled, like card number, bank account details, Credit card CVV number & ATM PIN etc
Checkout the phishing site address (it’s down now):
Last year, the phishing host server originated from Russia:
netname: SURGUTTEL
descr: JSC Surguttel
descr: 628400, Surgut, 32, 30 let Pobedy str, Russia
remarks: INFRA-AW
country: RU
admin-c: ADS244-RIPE
tech-c: ADS244-RIPE
tech-c: RRR20-RIPE
tech-c: PN2159-RIPE
status: ASSIGNED PA
mnt-by: SURGUTTEL-MNT
source: RIPE # Filtered
person: Andrey D Sergeev
address: JSC Surguttel
address: of Surgut, 30 Let Pobediy str., 32
address: 626400, Surgut, Russia
phone: +7 3462 523185
e-mail: a.sergeev@ugratel.ru
This time it originated from the Netherland:
NetName: 217-RIPE
NetHandle: NET-217-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: NS-PRI.RIPE.NET
NameServer: NS3.NIC.FR
NameServer: SUNIC.SUNET.SE
NameServer: SNS-PB.ISC.ORG
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
NameServer: TINNIE.ARIN.NET
OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
Obviously, the name and the address given in the whois record is not real.
Caution:
- Pay attention to the hyperlinks in such emails and look at the address bar for the authenticity of the url.
- Do not open attachments from any e-mail address that you did not expected. Use E-mail filters that check for the SPF record of the domain. Don’t click on the hyperlinks just like that.
- Do not reveal your account information or personally identified information to such sites.
- Please use the legitimate site http://www.incometaxindia.gov.in/ for any help regarding the income tax refund.
- If you receive such mails, do not pay any heed and simply mark them as “spam” and press delete.
- Spread awareness not hoax
Thumbnail image Source: http://en.wikipedia.org/wiki/File:Phish.jpg as per the Creative Commons Attribution-ShareAlike License This image is a work of a Federal Trade Commission
Recent Comments