If you’ve recently received a text message from ‘QP-ITEDPT’ with a link to submit a formal request for remittance of your unclaimed tax refund, don’t fall for it and submit the required details, else you might become victim to an elaborate phishing scam.
A viral screenshot on Twitter shows how unsuspecting people are being trapped via a text message with a link that asks them for their personal and bank details.
So, What Caught Our Attention?
First, the fact that the link provided in the message, unlike other URLs of government websites, does not have a ‘.gov.in’ domain extension.
Further, on visiting the website, we discovered that the web page has no back links to the official website of the Income Tax Department.
Upon opening the URL, a warning pops up saying that the URL is not ‘safe to be browsed’. A ‘not secure’ message also pops up, which would not be the case for an official, safe and verified website.
Additionally, there is no ‘s’ in the underlying protocol ‘https://’ (which shows up for safe websites) in the website’s URL. The ‘s’ stands for secure and indicates that the website uses encryption to transfer data safely, thus protecting it from hackers.
Don’t Fall For Carefully Designed Mock Websites
Further, the mock website has been carefully designed to resemble the real website of the Income Tax Department. Also, the website also has several linked pages closely resembling payment gateways of various banks (ICICI, SBI etc).
There is a list of banks a user can select, with each of them looking authentic enough for a lay person to fall for the scam, by filling in their net banking details.
What Happens Now?
Being familiar with scams that aim at making a user download an app, we at The Quint decided to proceed with the link by filling random numbers in the required fields.
Despite the account details not even existing, we were directed to a website that resembled the website of the Reserve Bank of India.
We continued filling in arbitrary details in the fields provided on being guided ahead.
Finally, after providing a phone number and email address, we were directed to the final step where a link was sent to the phone number we provided.
On accessing the link on the phone, on which we had received the text message, we were asked for permission to download an ‘.apk’ extension file onto our android device.
After we allowed the file to be downloaded, it requested us to make it the phone’s default messaging application.
What We Found
The Income Tax Department, in response to queries raised by various users on Twitter, has issued a warning against the phishing messages.
While, the exact nature of the scam cannot be determined without providing actual details, it is clear that it seeks to access your net banking details to possibly gain access to your bank account.
Beware of providing such details to any such link! Different links with the same aim are doing rounds. Don’t click on any of them.
Further, seeking permission to become the default messaging application of the phone could possibly be a method to read the OTPs received during online banking/ e-payment transactions.
( Not convinced of a post or information you came across online and want it verified? Send us the details on Whatsapp at 9643651818, or e-mail it to us at webqoof@thequint.com and we'll fact-check it for you. You can also read all our fact-checked stories here)
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)