The income-tax department has cautioned taxpayers about fraudulent emails circulating online that falsely claim to be issued for Assessment Year 2025–26 and ask recipients to click on a link to view a “Assessment Order” or pay. Authorities said the email and the attached order are fake and were not issued by the department.
In a separate alert, the Press Information Bureau Fact Check unit also warned about another scam email offering an e-PAN card download link designed to trick users into clicking malicious links.
“Have you also received an email asking you to download e-PAN card? This email is fake,” PIB Fact Check said in X post.
The I-T department has repeatedly cautioned taxpayers about phishing attempts and fraudulent emails. Taxpayers have been advised not to share personal or financial information and to verify any tax-related communication only through the official Income Tax e-Filing Portal, noting that official emails are sent only from domains such as @incometax.gov.in.
How phishing scams work
Phishing emails are crafted to deceive recipients into clicking on malicious links or downloading attachments that can install harmful software on their devices. You can report phishing emails at webmanager@incometax.gov.in
If you receive an email from someone claiming to be authorised by the I-T department or directing you to an income-tax website, here’s what should you do:
Do not respond to the email.
Avoid opening any attachments, as they may contain malicious code that could infect your smartphone or computer.
Do not click on any links included in the email. If you have already opened a link, do not enter sensitive details such as bank account or credit card information.
Do not copy and paste the link from the email into your browser.
Ensure your device is protected with updated antivirus, anti-spyware software, and a firewall, as some phishing emails may carry programs that can damage your system or track your online activity.
How to remain protected from such scams
Avoid clicking on suspicious links or sharing personal or financial information. Always remember the I-T department never asks for passwords, OTPs, or bank details through email, SMS, or phone calls.
“Staying alert, verifying information only on official websites and refusing to share sensitive details are the best ways to protect yourself and your money,” said Aayushi Singh, Partner, Legum Solis.
What should you do if you are trapped in such scam?
In the event that a user encounters or falls victim to a fraudulent communication, the incident should be reported immediately.
“The national cyber fraud helpline, reachable at 1930, together with the cybercrime reporting portal at cybercrime.gov.in, are the designated mechanisms for initiating corrective action. Government advisories strongly encourage prompt reporting to minimise potential financial damage and to support ongoing enforcement efforts,” an tax expert said.
