Another Taxation Office phishing scam
If you are an Australian Taxpayer, be wary of another phishing campaign that has started up. Once again, this one claims to be from the Australian Taxation Office (ATO), and tells the recipient that they are eligible for a refund. All they need to do is click on a link. Sadly, this is another phishing scam. Worse, this scam may download malware onto your PC in the form of a version of CryptoLocker.
Whilst the email we have extracted and displayed as Figure A looks simple, this email is still dangerous. The sender of the email is listed as “Australian Taxation Office”. The subject of the email is “Australian Taxation Office – Refund Notification”. There is one link contained in the email; the anchor text in the URL looks the same as the genuine ATO website. There is no greeting as such, and the email signs off as being from a “Neva Gaston” from the “Tax Refund Department Australian Taxation Office”. No ATO branding or logos are used.
The basis for the email is supposedly to inform the recipient that they are eligible for a tax refund. The amount of the refund specified in the email does vary. The recipient is told to click on a link to view or download the tax refund notification.
Unfortunately, there is no refund (a common state of affairs with tax). Worse still, clicking on the link downloads ransomware onto your PC, usually in the form of CryptoLocker. This is a scam email. The Australian Taxation Office is aware of these scams, and has produced a page listing some methods of spotting common scams. You can easily verify the legitimacy of this email by mousing over the link. It does not lead to an ATO site. Instead, it leads to a malicious site that serves malware. Don’t believe the line about a tax refund; this email is a scam, and can be deleted.