+92-3125511770 admin@makemefiler.com

Disclaimer: The Federal Board of Revenue (FBR) never emails taxpayers asking for their PINs, passwords, or other login credentials for credit cards, banks, or other financial accounts.

BACKGROUND

There are numerous attempts made by people and organisations to obtain personal information from unwary users by using social engineering methods. Several emails are designed to look as though they were sent by a reputable company or well-known person. These emails frequently try to persuade recipients to click a link that will lead them to a phoney website that looks official. The user might then be prompted to enter personal data, such as usernames and passwords for accounts, which puts them at risk for later compromises. These fraudulent websites might also have malicious software on them.Emails sent with the intention of obtaining the banking information of a taxpayer in order to facilitate a refund to the taxpayer or any other activity involving that person’s bank account are extremely risky and have the potential to defraud the recipient. The FBR strongly cautions the taxpayer against sharing any information, particularly that relates to your bank accounts, through these emails and the associated links.
Phishing is what identity thieves do to take advantage of online financial systems and defraud trusting individuals of their money. Phishing is a global phenomenon. Phishing robs people of about $1 billion USD annually on a global scale.

WHAT IS PHISHING IN EMAIL?

The act of creating and sending false or spoof emails with the intention of obtaining sensitive financial and personal information is known as email phishing. In such schemes, emails are created to exactly resemble those sent by reputable businesses. The email addresses of people who have registered for a particular service are used in sophisticated phishing attacks. They are more likely to trust them if they receive emails purporting to be from those organisations or businesses. Links in spoofed emails frequently direct recipients to spoofed websites, where various techniques are employed to solicit and collect users’ financial and personal data. On occasion, emails themselves will also contain forms.

SIGNS OF EMAIL PHISHING

There are many indications that an email is phishing. The greeting is the first thing you should consider. Does it address you by your real name or just a general salutation? Examine the email’s header carefully. What email address belongs to the sender? Typically, these addresses are expertly crafted to appear genuine. But if you look at them very closely, you usually see contradictions and things that don’t make sense. Check to see if the sender’s email address matches any earlier correspondence from the same business. You will notice inconsistencies if it is a phishing email.
Because they are concerned about losing access to these crucial services, people frequently fall for these scams.On their websites, businesses now provide a wealth of information on how to avoid these phishing scams.

Email phishing scams are difficult to completely avoid. Someone will undoubtedly send you a spoof email at some point. Avoiding these scams is as simple as never clicking on links contained in email messages. Make it a rule to enter the website’s URL manually whenever you need to access it. You can determine whether the message you received was genuine once you arrive at the website. Find out where to send the spoof email if it is one; most businesses and institutions appreciate being informed of scams that are taking place.

PHISHING REPORTING PAGE

If you think you have found a phishing page, you should immediately report it to Google using the link below:

https://safebrowsing.google.com/safebrowsing/report phish/?hl=en

This will make sure that unwary users and visitors are alerted before they are tricked into disclosing private information that could compromise their financial accounts and related data.
In order to identify & prevent them from being used to defraud unwary people, suspected links to phishing pages can also be reported to the National Response Center for Cyber Crime:

http://www.nr3c.gov.pk/creport.php

Send the email or website URL to emailsupport@fbr.gov.pk if you come across an email or a website that appears to be from FBR but isn’t.
You can either provide the email’s Internet header or forward the message exactly as it was received. We can identify the sender using additional information found in the Internet header.
Delete the email after you have forwarded the header data to us.

IMPORTANT RECOMMENDATIONS/ADVISORY

If a sender of an email purporting to be from FBR or directing you to a website for income tax:

  • Don’t respond.
  • No attachments should be opened. Your computer could become infected by malicious code found in attachments.
  • Please avoid clicking any links. Do not enter private information like bank or credit card numbers if you clicked on links in a dubious email or phishing website.
  • Avoid copying and pasting the message’s link into your browsers because phishers can make it appear real while actually sending you to different websites.
  • Use and update firewalls, anti-virus software, and anti-spyware. Some phishing emails contain software that can damage your computer or secretly monitor your online activities. Firewalls and anti-virus and anti-spyware software can shield you from unintentionally accepting such unwanted files.

In the interest of the general public, these precautionary instructions have been released. Additionally, the general public is advised that anyone who has fallen victim to this phishing attack by clicking on the link contained in the aforementioned email should immediately change their password for the relevant online bank and never share it with anyone.