South African Revenue Service Tax Refund Phishing Scam
Outline Email, purporting to be from the South African Revenue Service (SARS) claims that the recipient can claim a tax refund by clicking a link and submitting an online tax refund request form.
The email is not from SARS and the promised refund does not exist. The message is a phishing scam designed to trick recipients into handing over their personal and financial information to Internet based criminals. Those who follow the link in the message will be taken to a bogus web page designed to resemble the genuine SARS website. The bogus page will contain a form that asks the visitor to submit personal and financial information. All information submitted on the form will be sent directly to scammers.
After the last annual calculations of your fiscal activity, we have determined that you are eligible to receive a tax refund of 8,582.50 ZAR. Please submit the tax refund request and allow 2-3 days in order to process it.
Click Here to submit you tax refund request
Note : A refund can be delayed a variety of reasons, for example submitting invalid records or applying after deadline.
South African Revenue Service.
This email, which claims to be from the South African Revenue Service (SARS), informs the recipient that he or she is eligible for a tax refund of 8,582.50 ZAR. To claim the refund, the recipient is instructed to follow a link in the message and fill out an online "tax refund request" form.
However, the email is not from SARS and the claim that the recipient is eligible for a refund is untrue. In fact, the promised refund is just the bait used to entice recipients into visiting a bogus website and disclosing private personal and financial information. Those who click the link in such messages will be taken to a fake website that is constructed to closely resemble the genuine SARS website. The fake website will contain a form which is very similar to genuine eFiling forms published on the legitimate SARS website. The fake form requests bank and credit card details, including the card's PIN, along with other personal information. All information on this form can then be collected by the criminals running the scam and used for bank and credit card fraud.
In order to make the scammers' claims seem more genuine, the fraudulent email uses genuine SARS logos stolen from the SARS website and includes secondary links that point to the genuine SARS site. To drive the illusion even further, the scammers also use "spoofing", a technique in which an email's header is forged in such a way that a message appears to have been sent by a person or entity other than the actual sender. Thus, even though the email address shown in the "From" field of the email may appear as a genuine SARS address ( firstname.lastname@example.org), it actually originated from a different sender that has no connection to SARS whatsoever.
SARS has published information on its website warning South African taxpayers about such phishing scams. SARS will never send unsolicited emails that ask taxpayers to provide login credentials, bank and credit card details, PINS or other sensitive personal information.
Internet users should be very cautious of any emails that claim to be from their country's tax department and request that they provide personal or financial information either via links in the message or attached files. South Africans are not the only taxpayers who are regularly targeted by phishing scammers. Very similar scams have recently targeted people living in the United Kingdom, the United States, Canada, Australia and India.