A large number of taxpayers, specifically the business community, are receiving fake emails of income tax refunds from the Federal Board of Revenue (FBR).
The fraudulent emails are issued from fake email addresses of FBR’s field formations and request the taxpayers to click on certain links such as “update my account details”. The emails also inquire about the bank details of the taxpayers.
According to the FBR, there are numerous attempts by individuals and groups to solicit personal information from unsuspecting users by employing social engineering techniques.
Emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, which can further expose them to future compromises.
Additionally, these fraudulent websites may contain malicious code. Emails designed to obtain a taxpayer’s banking information in lieu of facilitating a refund to the taxpayer or any other activity associated with an individual’s bank account are extremely dangerous with an intent to defraud the individual.
FBR has advised taxpayers not to disclose any information especially related to bank accounts in reply to these scam emails and associated links.