Fraudulent emails about Tax Refunds - SSO-AL2009-048

01 October 2009

Software and platform affected

None.

What is the problem?

New fraudulent emails are circulating which pretend to be from the Australian Government. Using social engineering tricks the criminals behind these emails try to trick you into providing personal information as a pretext to receiving a tax refund. This personal information can be used by the criminals to steal your identity.

The subject of the email may contain wording the same as, or similar to:

Tax refund (5416533) 250.50

Australian Taxation Office - Tax refund (592113) 250.50

Your Refund Amount Is 210.75 AUD

Australian Tax Refund Agency

The from line of the email may contain wording the same as, or similar to:

"Australian Taxation Office" <refundaud@ato.gov.au>

"Australian Taxation Office" <ijhhcz@accounts.net>

"Australian Taxation Office" <nghknt@management.net>

"ATO" <ato.gov.au>

The body of the email may contain wording the same as, or similar to:

You have a Tax Refund on your Visa or Mastercard,
Complete the formular, and get your Tax Refund.

(Your Refund Amount Is 210.75 AUD)

Complete Formular <http:// removed for security reasons /> .

Copyright 2009 - Australian Taxation Office. All rights reserved.

Or alternatively:

Dear Australian Taxation Office customer,

After the last annual calculation of your fiscal activity we have determined
that you are eligible to receive a tax refund of AUD 250.50.

Please submit the tax refund form and allow us 3-5 business days in order
to process it.

A refund can be delayed for a variety of reasons. For example submitting
invalid records or applying after the deadline.

To access the form for your tax refund, please Click Here
<http:// removed for security reasons /> .

NOTE!
For security reasons, we will record your ip-address and date.

Thank you,
Australian Taxation Office Online Department.

This is a scam.

The emails may include links to web sites that attempt to trick you into supplying personal details.

Providing the information requested is likely to mean that your personal and/or business information may be accessed for fraudulent or illegal purposes.

What we recommend you do

If you receive an email similar to this one, do not reply or click on the links in the email.

If you have provided personal information that includes your credit card or bank account information in response to an email request regarding this matter, the information you supplied has been captured by a criminal. Please notify your bank and the Australian Taxation Office.

Where you can find more information

Further information about detecting and preventing being fooled by phishing attacks is here:

SSO Factsheet Protecting Yourself Against Phishing Attacks.

Disclaimer

This Alert has been prepared by AusCERT for the Department of Broadband, Communications and the Digital Economy.

The information is intended for used by home users and small to medium sized businesses and is general information only and not intended as advice and was accurate and up to date at the time of publishing. The material and information in this Alert is not adapted to any particular person's circumstances and therefore cannot be relied upon to be of assistance in any particular case. In any important matter, you should seek professional advice relevant to your own circumstances.

The Commonwealth, AusCERT, and all other persons associated with this Alert accept no responsibility or liability for information either included or referred to in the Alert. No responsibility or liability is accepted for any damage, loss or expense incurred as a result of the information contained in the Alert, whether by way of negligence or otherwise.

The listing of a person or organisation in any part of this site or Alert does not imply any form of endorsement by the Commonwealth of the products or services provided by that person or organisation. Similarly, links to other web sites have been inserted for your convenience and do not constitute endorsement of material at those sites, or any associated organisation, product or service.

Please note that material in this Alert, as the case may be, includes views or recommendations of third parties, which do not necessarily reflect the views of the Commonwealth, or indicate its commitment to particular course of action. Material on this site or in this Alert may also include information provided by third parties. The Commonwealth cannot verify the accuracy of information that has been provided by third parties.

		SEARCH
Home Advisories Alerts Newsletters Subscribe or Log In Visit Stay Smart Online	Larger text Smaller text You are here: Stay Smart Online Alert Service > Client applications > Fraudulent emails about Tax Refunds - SSO-AL2009-048 Fraudulent emails about Tax Refunds - SSO-AL2009-048 01 October 2009 Software and platform affected None. What is the problem? New fraudulent emails are circulating which pretend to be from the Australian Government. Using social engineering tricks the criminals behind these emails try to trick you into providing personal information as a pretext to receiving a tax refund. This personal information can be used by the criminals to steal your identity. The subject of the email may contain wording the same as, or similar to: Tax refund (5416533) 250.50 Australian Taxation Office - Tax refund (592113) 250.50 Your Refund Amount Is 210.75 AUD Australian Tax Refund Agency The from line of the email may contain wording the same as, or similar to: "Australian Taxation Office" <refundaud@ato.gov.au> "Australian Taxation Office" <ijhhcz@accounts.net> "Australian Taxation Office" <nghknt@management.net> "ATO" <ato.gov.au> The body of the email may contain wording the same as, or similar to: You have a Tax Refund on your Visa or Mastercard, Complete the formular, and get your Tax Refund. (Your Refund Amount Is 210.75 AUD) Complete Formular <http:// removed for security reasons /> . Copyright 2009 - Australian Taxation Office. All rights reserved. Or alternatively: Dear Australian Taxation Office customer, After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax refund of AUD 250.50. Please submit the tax refund form and allow us 3-5 business days in order to process it. A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline. To access the form for your tax refund, please Click Here <http:// removed for security reasons /> . NOTE! For security reasons, we will record your ip-address and date. Thank you, Australian Taxation Office Online Department. This is a scam. The emails may include links to web sites that attempt to trick you into supplying personal details. Providing the information requested is likely to mean that your personal and/or business information may be accessed for fraudulent or illegal purposes. What we recommend you do If you receive an email similar to this one, do not reply or click on the links in the email. If you have provided personal information that includes your credit card or bank account information in response to an email request regarding this matter, the information you supplied has been captured by a criminal. Please notify your bank and the Australian Taxation Office. Where you can find more information Further information about detecting and preventing being fooled by phishing attacks is here: SSO Factsheet Protecting Yourself Against Phishing Attacks. Disclaimer This Alert has been prepared by AusCERT for the Department of Broadband, Communications and the Digital Economy. The information is intended for used by home users and small to medium sized businesses and is general information only and not intended as advice and was accurate and up to date at the time of publishing. The material and information in this Alert is not adapted to any particular person's circumstances and therefore cannot be relied upon to be of assistance in any particular case. In any important matter, you should seek professional advice relevant to your own circumstances. The Commonwealth, AusCERT, and all other persons associated with this Alert accept no responsibility or liability for information either included or referred to in the Alert. No responsibility or liability is accepted for any damage, loss or expense incurred as a result of the information contained in the Alert, whether by way of negligence or otherwise. The listing of a person or organisation in any part of this site or Alert does not imply any form of endorsement by the Commonwealth of the products or services provided by that person or organisation. Similarly, links to other web sites have been inserted for your convenience and do not constitute endorsement of material at those sites, or any associated organisation, product or service. Please note that material in this Alert, as the case may be, includes views or recommendations of third parties, which do not necessarily reflect the views of the Commonwealth, or indicate its commitment to particular course of action. Material on this site or in this Alert may also include information provided by third parties. The Commonwealth cannot verify the accuracy of information that has been provided by third parties.
	Last Updated: 2009-10-01 Copyright \| Privacy \| Disclaimer