We get it (and IT!)

Phone: 1300-728-259 or .

ATO Tax Refund Scam Email

This year with the changeover from e-Tax to MyTax has made lodging online easier than ever – BUT please ensure you are not fooled and go to the proper ATO sites and not fraudulent lookalike sites via email links…

At first glance – these emails (above) might appear to be a genuine notifications…

Don’t Be Fooled!

All of these emails pictured are phishing scams designed to steal your personal and financial information or give you malware !

With the ATO killing off e-Tax program and replacing it with MyTax, you should expect to see a surge in spam emails from fake ATO accounts. The title for these emails could be say you are qualified for a Tax Refund or it may ask you to click a link to submit a tax refund request. It may even use “spoofing’ and look like it actually came from a ATO email address…


What happens if you click the link to a bad email?

1. Phishing – To a Fake Lookalike site 

(The attempt to acquire sensitive information such as usernames, passwords, and credit card details…)

If you click the ‘submit a request’ link in the email, you may be taken to a fraudulent webpage that is designed to look like a genuine ATO site (image right).

A form on the bogus page asks you to supply a large amount of your personal and financial information.

If you fill in and submit the form, criminals can collect the information and use it to commit credit card fraud and identity theft.

If the form asks for your email address and email password, the criminals can even then potentially hijack your email account and send emails posing as you…

Check the URL to ensure you are on the correct website before handing over personal details…


2. Malware – (via Email Attachments)

Some Tax emails have attachments that appear to have come from the ATO, which in fact when downloaded infect your computer with malicious software

Sometimes, Scam Tax Emails have a normal looking file attachments (PDF/Word) to lull users into a false sense of security and entice them to open the attachment.

Boobytrapped Word docs containing Macros do exist!

When these documents are opened and clicked macros are enabled – allowing Cryptolocker or other Malware to take hold of the users’ systems. Cryptolocker can then encrypt files and asks for a ransom in order for the user to regain access to his or her return information. The ransom is usually 1.188 Bitcoin or $500, but the amount is doubled if the user doesn’t pay by a certain deadline.

The other pieces of Malware are also nasty – including logging keystrokes, downloading and installing other software, editing the registry, modifing the firewall, and assuming control of the infected PC’s webcam.

Tips to Protect Yourself

Never send your personal, credit card or banking details in an email or over the phone—scammers will use your details to commit identity fraud or steal your money.

If you receive unsolicited emails claiming to be from the ATO, Centrelink or your bank—delete them immediately!

If you are unsure whether you have received a legitimate request, call the organisation by using contact details from legitimate sources. Don’t rely on contact details provided to you in an email or through the phone. Instead, obtain contact details through an internet search, telephone directories or official letters/statements from organisations like banks.

Don’t open any attachments or click on any links in, or reply to, these emails. This may result in downloading malicious viruses on your computer.

Have you been scammed?

If you suspect your Office network has been compromised by an attack – please do not hesitate to contact Black Knight IT! We offer a full network evaluation to determine exactly what is wrong and provide our best I.T solution possible…

Call 3806 6727 or email melanie@blackknight.net.au