Phishing email in garb of I-T dept lurking in Indian cyberspace

An information stealing computer malware by masking as a message from the Income Tax Department has been found prowling in the Indian cyberspace, a federal cyber security agency has warned in a recent advisory. To get more business news today, you can visit shine news official website

"A phishing and malware campaign is active since at least September 12 and is targeting individuals as well as financial organisations. The campaign involves fake emails purporting to be sent from Indian Income Tax Department," the CERT-In said its latest advisory accessed by PTI.

Indian Computer Emergency Response Team (CERT-In) is the national agency to combat hacking, phishing incidents and to fortify security-related defences of the Indian Internet domain. While phishing denotes to a category of cyber crime where a person's personal vital information like banking, credit card details and passwords are stolen, malware is an e-virus.

A senior tax official said fraud links faking the I-T department are often used by fraudsters as people are very concerned and serious about their tax filing, refunds and other businesses with the department.

"It is very important to guard against any malicious email that talks about your I-T records or banking issues. The department has run many awareness series to educate people and taxpayers against these frauds," the official said. The advisory said at least two variants of the latest malware emails have been observed.

First variant includes an attachment with extension an image which contains a malicious file while the second variant lures the users to download a malicious file hosted on a sharepoint page via a link of fraudulent domain incometaxindia[.]info, it said. This domain, it said, has now been disabled.

"The malware samples add persistence by modifying the Windows registry and have been observed to have information stealing capabilities," it said.

Do not to open documents from untrusted sources and should disable running macros in MS Office by default; don't open attachments in unsolicited e-mails, even if they come from people in your contact lists and never click on a URL contained in an unsolicited e-mail, even if the link seems benign, it said.