ISLAMABAD: The Federal Board of Revenue (FBR) has advised the taxpayers and general public not to send their bank account details and password to emails received from any email address that is apparently from FBR.
A statement issued by FBR on Wednesday stated that it has been reported that some fraudulent people are using a fake webpage of FBR created for nefarious purposes.
The taxpayers receive an email from fake email addresses like customerservice@fbr.gov.pk which appear to be originating from FBR but in fact are not, it added.
In mail the people are told to collect their tax refund by clicking the link to a fake website of FBR with links to banks.
It further said that FBR’s official website is http://www.fbr.gov.pk but the click leads to web address http://www.springtowinter.gr/fbr.gov.pk/fbr.gov.refundportal.htm.
Once there, the fake page of their bank opens asking for their account number and password. If the users provide the information, their identity thus gets stolen and their accounts then can be hacked and they deprived of their money.
This trick, called Phishing, is used by identity thieves around the world who misuse the online financial systems and deprive unsuspecting people of their money. Globally phishing deprives people of around a billion dollars annually.
Any link to any bank is not provided on FBR’s website and FBR would never ask for your bank details and passwords on its home page, it added.
Banks always advise their customers against disclosing their password even to bank officials or bank’s genuine websites. Public is requested to be careful and prudent regarding such emails and the links provided through such emails.
All taxpayers and general public are requested not to trust such emails and never disclose their bank account numbers, passwords and other details.
These precautionary instructions are being issued in the public interest and public is also advised that if someone has become a victim of this phishing attack through using the link sent through above mentioned email, they must immediately change the password of the relevant online bank and never share it with anyone.
