MCMC Cautions Users against Phishing Attempts

Authorities are warning people to be cautious of the phishing attempts leveraging on the Inland Revenue Board's (IRB) latest exercise of repaying overpaid taxes.

The Malaysian Communications and Multimedia Commission (MCMC) on July 28, 2010 gave a general idea about the technique of this phishing attempt and said that a person would get a spam email supposedly from the IRB that he or she was entitled to a compensation of RM700. Users would then be prompted to click on the logo of a local bank displayed on a fake IRB website to go ahead.

If the users followed the instructions given in the phishing e-mail, then they would probably be tricked into disclosing their personal financial details and information.

The IRB said that the e-mails were sent from an address Tax-Payment@hasil.gov.my and did not originated from the board. Further, the report also stated that this was a fake e-mail and not sent by the IRB, as reported by thestar on July 21, 2010.

The authorities revealed that this was the new scam to fool public into revealing their personal details, mainly their income tax details and information to unfamiliar people.

As per the security experts, cyber criminals use the latest tax related topic in Malaysia. Early this month (July 2010), Deputy Finance Minister Datuk Dr Awang Adek Hussein informed the Dewan Rakyat (The Dewan Rakyat or the House of Representatives is the lower house of the Malaysian Parliament) that 870,630 taxpayers had overpaid their taxes by RM10bil last year (2009), as reported by thestar on July 21, 2010.

Awang Adek further stated that as of last year (2009), the IRB had to repay 150,757 taxpayers.

The MCMC advises that the public should take precautionary measures like using up-to-date web browsers, in-built phishing filters and not get lured by e-mails proclaiming refunds, prizes or cash wins that require online banking details.

Further, the Inland Revenue Board has recommended users who received the fake e-mail from that address not to open it. If receivers have opened the e-mail, the users should either delete it and don't reply or don't provide the sender any personal details.

» SPAMfighter News - 8/7/2010