ITR Returns: As March Closing draws closer, people are busy filing income tax returns. After which the refund starts. But for the past few times, a message is coming to bring the claim for a refund. If you have also received the message, you need to be careful as well as neither open the link given in it nor share your information. Otherwise, your savings should not be lost in the cycle of taking returns. The cybersecurity firm Otabate Infasis, along with the Delhi-based think-tank Cyberpiece Foundation, has revealed this in their report. How is this new fraud, how can we identify it, and can you avoid it, let’s know-
This is a message like this in the name of ITR Returns
A link is being sent to the message being sent via SMS on Fane to submit the application for income tax refund. If you do not sing, perhaps you will feel that there is only an e-filing page of the Income Tax Department. Here comes the option to click your processed to the verification steps button. As soon as you click it, after this your information appears in which the full name, Aadhaar and PAN card number, PINCAD, mobile number, gender, email address, date of birth etc. After this, information like banking information such as bank account number, card number, IFSC cad, CVV, PIN is asked to be filled.
After this, the users are redirected to a page. Where they are asked to confirm the information filled earlier. After submitting it, the user reaches a false banking login page, it also remains the same in appearance.
Here you are asked to fill in username and password etc. for online banking. Go also gives information in this, after that the user is asked to enter a CIF number with a hint question, answer, and profile password. An Android mobile app is said to be downloaded to complete the ITR Returns verification as soon as it is registered.
This app is requested to give permission to all devices, after clicking on the green downlaid link, the certificate. The app named apk starts down. The app is downlaid. Money is withdrawn from your account.
The name of these banks has been used
According to the report, the names of HDFC Bank, Punjab National Bank, State Bank of India, ICICI, Axis Bank are being used for this fraud . Suspicious links to be sent from the US and France are being prepared, in which complete information about the user’s personal as well as backing is being collected. If a user gets caught in this type of trap, it can cause a lot of damage. The link shared for the message is not a Kai Domen name, while it is not a link with the Government of India. Experts say that all the IP addresses associated with this campaign belong to some third party dedicated cloud hosting providers.
This is how you can identify
Because the fraudsters are so vicious that they are preparing the page, prima facie it looks exactly like the government e-filing page, so many people get into the losses quickly, but there are some basic things that we can recognize in the beginning itself That is the link sent for forgery. For example, HTTPS will not be used in the link of the site sent in it, only the normal HTTP protocol is being used, which makes it clear that any person can track the network or internet traffic and use the information of the users to misuse their information. Can easily be obtained. Apart from this, in this kind of fraud, it is said that instead of Google Play, downloading the app from any third party service. If you want, you can avoid it by taking care of them in the beginning.