The Income Tax Department has been at the forefront of using technology in implementing its –e-Governance initiatives. Most of its routine communication to taxpayers is through email and SMS. Therefore, the Department is very sensitive and alert to attempts made by fraudsters to spoof the Department’s identity to send phishing emails. To ensure that taxpayers are aware that the Department does not seek any confidential or financial information of the taxpayer over email, the below mentioned advisory has been prominently displayed on the national website:
“The Income Tax Department NEVER asks for your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts through e-mail.
The Income Tax Department appeals to taxpayers NOT to respond to such e-mails and NOT to share information relating to their credit card, bank and other financial accounts.”
 
The Do’s and Don’t’s to ensure that the gullible taxpayers do not inadvertently play into the hands of fraudsters are clearly mentioned on the website: http://www.incometaxindia.gov.in/Pages/report-phishing.aspx.All taxpayer reports of phishing emails are forwarded to incident@cert-in.org.in which is a Government of India agency mandated to fight against such threats.
 
Further, the Department has implemented best practices such as SPF (Sender Policy Framework), DKIM (Domain Keys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting & Conformance) for its email domains. Use of these protocols enables the e-mail receiver domains such as Gmail, Yahoo, Hotmail etc to determine whether or not a received e-mail is actually from the defined sender such as the Department and block phishing emails from reaching the taxpayer.
 
Taxpayers are advised to follow these simple checks if they do receive any email purporting to be from the Income Tax Department:
 

 
            Income Tax Department is committed to encouraging taxpayers to engage with it electronically by following safe and best practices.