Fake income tax refund emails are tricking taxpayers into sharing sensitive data under the guise of ‘manual verification,’ according to recent news reports. The Press Information Bureau (PIB), the nodal agency of the Indian government, has flagged these emails and asked taxpayers to be aware. Fake income tax refund emails are a common phishing scam used by cybercriminals, especially during the tax filing season. Taxpayers need to be vigilant and aware of the key factors to identify the senders, such as whether the communication is coming from a legitimate and official income tax department domain address.
How To Identify Red Flags
Phishing emails are designed to impersonate government authorities and manipulate recipients into disclosing sensitive information. “These emails often originate from unofficial domains (such as Gmail or Yahoo), contain spelling or formatting errors, and urge immediate action to claim a supposed refund. A typical tactic includes links to counterfeit websites that request PAN details, bank credentials, or OTPs,” says Tanmay Banthia, partner, TARAksh Lawyers and Consultants.
Taxpayers are advised to remain cautious when legitimate entities do not seek such information over email or redirect users to unverified portals.
1 July 2025
Get the latest issue of Outlook Money
“Genuine income tax communication from the income tax department always comes from the email ID donotreply@incometax.gov.in. Apart from the one mentioned above, the refund communication will ask you to login to the official income tax department portal, which is www.incometax.gov.in, and check the refund status,” says Deepak Kumar Jain, Founder and CEO, TaxManager.in, the tax advisory and e-filing portal platform.
Importantly, the Income Tax Department never seeks personal or banking information via unsolicited emails, nor does it redirect taxpayers to third-party websites for refund claims. “Further, an official notice carries a unique DIN. This is a crucial security feature that confirms its authenticity,” says Banthia.
What To Do If You Have Clicked On A Suspicious Link
Immediate action should be taken if the individual thinks that he has clicked on a suspicious link or shared the data; he should change all his passwords for the bank accounts, income tax portal, email IDs, and, if possible, activate two-factor authentication verification on login.
“Apart from this, also file a complaint with your bank for any fraud or possibility of fraud to get the debit freeze on your account, which will be followed by the issuance of a new debit/ credit card if required,” says Jain.
Being vigilant and alert can save an individual from a major cyber conspiracy and thereby save their hard-earned savings.
