ATO Cautions Taxpayers of New Tax Refund Phishing Scam
The Australian Tax Office (ATO) has cautioned people about a new phishing e-mail relating to tax refunds, with one such phishing e-mail was received by a staff member of iTWire (news publishing site).
The staff member of iTWire states that the phishing mail with subject line "2008 - 2009 Recalculation of you tax refund" informed that after calculating the last annual calculation of his fiscal activity, the ATO discovered that he was entitled for getting a tax refund of AU$ 568.24.
Further, the e-mail asks the staff member of iTWire to fill in the individual tax return form attached with the mail. The information asked in the form includes credit card or bank account number where the supposed tax refund will be deposited, followed by the three-digit security code from the back of the card or the ATM PIN for the account.
However, ATO officials examining the phishing mail state that the hackers estimated the tax refund of the recipient's 08/09 before filing the tax return for 08/09. Thus, a vigilant taxpayer can easily identify the inconsistency.
ATO officials add that the phishing email is well designed as far as the practical steps adopted by the phishers are concerned. Comprehending the fact that people have become wise in dealing with e-mails, the attackers ask the recipients to fill in the form and then print it out and send by post. The HTML form disguises as a PDF using the old double suffix method, with forged toolbars in the background image to augment the visual similarity.
Nevertheless, if some user fills in the form and click on the PRINT button, the information is sent to a server and therefore ensnared by the hackers.
To detect the scam, the ATO officials declare that it does not use 'AU$' in its forms and letters and thus, this is an indicator that the mail is a fraudulent one.
ATO also claims that many variations of tax refund theme are presently hovering to fool taxpayers. Thus, the ATO and the security experts suggest that web users should be watchful.
Related article: AT&T Website Faces Hackers’ Axe
» SPAMfighter News - 23-06-2009