By The Pulseline News Desk
Sri Lanka CERT has issued a public warning over a sophisticated scam in which fraudsters pose as officials from the Inland Revenue Department (IRD), attempting to pressure taxpayers into making payments through fraudulent online links.
The alert follows a complaint from a businessman who narrowly avoided becoming a victim after receiving a suspicious phone call from a number beginning with “0113,” with the caller claiming to represent the IRD’s head office.
What initially appeared to be a routine tax inquiry quickly escalated into what cybersecurity experts now describe as a carefully orchestrated attempt to steal personal information and money.
According to Sri Lanka CERT, the caller addressed the businessman by name and requested his Taxpayer Identification Number (TIN), creating the impression that the call was legitimate. The caller then alleged that the businessman had failed to settle outstanding taxes and warned that legal action could be taken unless an immediate payment was made.
To facilitate the supposed payment, the caller requested either a WhatsApp number or email address, claiming that a payment link would be sent directly to him.
However, the businessman became suspicious.
Unaware of any tax payment procedure involving direct payment links, he ended the call before providing any information.
His concerns deepened when attempts to return the call went unanswered. Minutes later, the same number contacted him again. During the second conversation, the caller reportedly adopted a more aggressive tone, insisting that payment be made immediately to avoid legal consequences.
Rather than complying, the businessman ignored further calls and reported the incident to Sri Lanka CERT.
Subsequent investigations revealed that the IRD does not send payment links to taxpayers under any circumstances. Tax payments are processed only through authorised banking channels and official government procedures.
Cybersecurity officials warned that had the businessman followed the instructions and entered his details through a fraudulent link, he could have exposed sensitive personal and financial information to criminals, potentially leading to identity theft or financial losses.
The incident highlights a growing trend in cyber-enabled fraud, where scammers exploit public concerns about taxes, government regulations and legal penalties to pressure victims into acting without verification.
By using personal details such as names and referencing tax obligations, fraudsters are often able to create a sense of urgency and legitimacy that can catch unsuspecting individuals off guard.
Sri Lanka CERT is urging taxpayers to remain vigilant and verify the authenticity of any calls claiming to originate from the Inland Revenue Department. Members of the public have been advised not to disclose TINs, banking details, passwords or other sensitive information to unknown callers.
Officials further stressed that tax-related information should be obtained only through official government channels and encouraged anyone who receives suspicious communications to report them immediately.
As cybercriminals continue to refine their tactics, authorities warn that awareness remains one of the strongest defences against increasingly convincing scams targeting both businesses and individuals across the country.
Leave a comment