Symantec Alerts Australian Taxpayers of ATO Phishing E-mails

MessageLabs Intelligence unit, division of computer security firm Symantec, is warning taxpayers in Australia of phishing e-mails as it is observing an increase in such phishing e-mail attacks since January 2010. Individuals and businesses are being targeted with sophisticated phishing assaults purporting to be emanating from the Australian Taxation Office (ATO).

Adrian Covich, Principal Systems Engineer at Symantec, said that there will be increase in ATO-based claims as the time progresses. Many such claims were observed in 2009 and the same is likely to happen this year also, as per the news published by smartcompany.com.au on June 29, 2010. These assaults are no more obvious and have become rather sophisticated.

According to Covich, these e-mails will often try to promote early tax returns along with various messages urging small businesses update their tax information. Generally, the e-mails use legitimate ATO graphics, and use various visual elements and fonts from the genuine e-mails from ATO - all in a bid to make the e-mails look legitimate.

It is noteworthy that the cybercriminals launching phishing scams abusing ATO can misuse the information garnered from victims to gain access to their accounts, thus stealing their hard-earned money, noted the security firm. They can also use those details for identity theft.

In another statement published by smh.com.au on June 29, 2010, Symantec said that imitating government and tax agencies is becoming an increasingly lucrative area for phishers.

Supporting Symantec's statement, ATO further advised Australians to be cautious of the potential phone or e-mail scams and asked to report any such suspicious activity to the tax office on 13 28 61.

The ATO said that the agency might at times send SMS or e-mails to its customers promoting newly launched products or services, but it would never ask for their personal details, like credit card number, date of birth, TFN or passwords, as per the news published by smh.com.au on June 29, 2010.

Symantec has meanwhile advised Internet users that they could easily avoid falling to these phishing assaults by simply keeping their browser as well as security solutions up-to-date. They should also avoid clicking on Web links provided in unsolicited e-mails requesting sensitive information.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

» SPAMfighter News - 7/8/2010