Another tax refund phishing scam
The headline says it all. Another tax refund phishing scam started up this week. This one is targeting National Australia Bank Customers. It’s not a clever or sophisticated scam. These scams can still snare victims, even if the emails seem obviously bogus.
We have reproduced the email in Figure A. It is a pretty nondescript type of phishing email. There is no ATO logo, or any sort of logo. The subject line of the email might, however, be eye catching: it is “Australian Taxation Office – Get Your Tax Return”. The sender of the email is listed as “ato”. There is one link contained in the email. The text of the link is “Link your account now where refund will be made”.
The email opens by declaring that it is a message from the myGov team. An email address is specified; we have blacked this out. The reason for the email is supposedly to inform the user that they are eligible for a tax refund. To get access to the funds, the user needs to link their National Australia Bank account, which they can do by clicking on the link.
Using the idea of a tax refund to snare users is a less common, but still effective, means used by criminals to snare users. Most people like the idea of being able to claim back tax money. Sadly however, this email is not from the Australian Government. It is a fake.
Aside from the simple appearance of the email, there is one big red flag that shows this email is fake. The link in the email does not lead back to any Australian government website. It leads to a phishing site. The primary aim of the site is to steal bank account details and other items of personal identifiable information. Do not click on the link; delete the email if you receive it. The Australian Taxation Office has a page on their website that (via StaySafeOnline) contains several examples of phishing emails that are used by scammers.