Stephen Withers
Monday, 15 June 2009 07:05
Just as the financial year draws to a close, scammers are using the Australian Tax Office as a guise to collect information about active bank and credit card accounts that would allow fraudulent transactions to be made.
A phishing email received by an iTWire staffer informed him that he was eligible to receive a tax refund of AU$ 568.24. The email is apparently in wide circulation.
There are a number of clues in the message that suggest it is a fake.
First, the ATO postal address shown in the email is not the standard GPO Box 9990.
Second, the heading is "2008 - 2009 Recalculation of you tax refund". Apart from the typo ("you" should be "your"), the 2009 financial year has yet to end, so there's nothing for the ATO to recalculate yet.
Third, the ATO doesn't use "AU$" in its letters and forms. What other sort of dollar would it be referring to?
Fourth, the signature block is unlike those used by the ATO.
Variations on the theme are known to be in circulation.
Technically, the fraud is quite clever. Realising that people are getting wise to phishing, the perpetrators ask their victims to complete a form, and then print and return it by post.
The HTML form masquerades as a PDF using the old double-suffix trick, with fake toolbars in the background image to increase the visual resemblance.
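A mail filter can catch the double-suffix trick by comparing the last two suffixes of each attachment name. The following is an added example, not code from the article; it assumes the form arrives as an email attachment, and the suffix lists, filenames and sample message are constructed for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Assumed lists: suffixes a reader trusts as a document, and suffixes
# that a browser or the OS will actually render or run.
DECOY = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg"}
ACTIVE = {"htm", "html", "hta", "exe", "scr", "js", "vbs"}


def double_suffix(filename):
    """Return (decoy, real) when a decoy suffix is followed by an active one."""
    # Strip spaces so padding between the two suffixes does not hide the match.
    parts = [p.strip() for p in filename.lower().split(".")]
    if len(parts) >= 3 and parts[-2] in DECOY and parts[-1] in ACTIVE:
        return parts[-2], parts[-1]
    return None


def suspicious_attachments(raw_message):
    """List (filename, declared content type, decoy, real) per flagged attachment."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        hit = double_suffix(name)
        if hit:
            findings.append((name, part.get_content_type(), *hit))
    return findings


def build_sample():
    """Constructed test message: one double-suffix HTML form, one genuine PDF."""
    msg = EmailMessage()
    msg["Subject"] = "Constructed sample"
    msg.set_content("Please complete the attached form.")
    msg.add_attachment("<html><body><form></form></body></html>",
                       subtype="html", filename="refund_form.pdf.html")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="statement.pdf")
    return msg.as_string()


if __name__ == "__main__":
    for finding in suspicious_attachments(build_sample()):
        print(finding)
```

The declared content type is reported alongside the name because a `text/html` part whose name contains `.pdf` is itself a mismatch worth quarantining.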
Find out on page 2 what happens if you do complete the form.