Fact Check: Messages of IT dept. asking for bank details to claim refund are fake
A text message in the name of the Income Tax department (IT) is circulating asking people to fill in their bank account details to avail the refund available to them. A link to a website is also shared within the message.
Claim :
IT department sends messages pertaining to refundFact :
Such messages are a hoax.
Scam messages requesting users to fill details for IT refunds
Telugu Post received queries regarding these SMSes from readers to verify its authenticity.
FACT CHECK:
We first noticed that messages sent in such formats always turn out to be scams. Such suspicious messages ask users to submit a refund application through a link that directs users to a third party webpage.
Users should note that the official government domain ends with .gov.in which clearly indicates it belongs to the Government of India. However, the shared link within the SMS has no domain name and is not linked with the Government of India, All internet protocol (IP) address. This SMShing campaign uses popular URL (Universal Resource Locator) shortening service to make it look that the message is genuine.
The specific link shared in the above-mentioned text belongs to an online bookstore and has no connection to income tax refund.
Individuals should be aware that by clicking on such links or filling any details on the suspicious websites can mean anyone on the network/internet can access confidential information and misuse it against the victim. Such processes collect personal data as well as financial information from the users.
The official government Income Tax page clearly states that the department does not request detailed personal information through e-mail nor does it send email requesting PIN numbers, passwords or access information for credit cards, banks or other financial accounts.
In 2018, the CERT shared a release on such fraudulent scams and stated that details entered by a user on such websites can be used by cyber criminals for identity theft, sale on dark web or for even alerting details in IT records.
It listed that the best security practices people can adopt would be not responding to suspicious SMS/emails and not clicking on suspicious links as it may direct them to a phishing website and give away confidential information. (Read more here)
With this, it is evident that such messages are a hoax.