Summary: Email, purporting to be from the Australian Taxation Office, claims that the recipient can receive a large tax refund by clicking a link in the message and filling out a web based form (Full commentary below).
After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $210.75 AUD . Please submit the tax refund request and allow us 6-9 days in order to process it.
A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.
To access the form for your tax refund, please click here
Regards,
Australian Taxation Office
Example:(Submitted, January 2009)
Please Submit The Tax Refund Request
After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $9,490.55. Please submit the tax refund request and allow us 2-3 days in order to process it.
A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline. To access the form for your tax refund, please click here (Link to bogus website removed)
Note: For security reasons, we will record your ip-address, the date and time. Deliberate wrong inputs are criminally pursued and indicated.
Regards Australian Tax Office.
Commentary:
These emails claims that the recipient is eligible for a large tax refund from the Australian Tax Office (ATO). In order to claim the refund, the recipient is instructed to click a link in the message and provide personal and financial information on a web based "tax refund form".
However, the message is not from the ATO. Instead, the email is a phishing scam designed to steal sensitive information from recipients. Those who click the link in the email will be taken to a bogus website that is designed to look very similar to the genuine ATO site. The visitor is presented with a webform that asks for credit card and personal details, ostensibly as a means of claiming the "refund". However, the refund does not exist and all information supplied on the fake form can be collected by Internet criminals and used for fraud and identity theft.
Beware of tax refund email scam Media release 2009/01
The Tax Office is warning people about a fraudulent email being circulated that claims to offer a refund from the Tax Office.
It is similar to previous scams and uses the Tax Office logo and the words ‘Notification - Please read’ or ‘Australian Taxation Office - Please Read This’ in the subject heading.
There may also be more variations to these subject headings.
The email asks people to click on a link which directs them to a bogus website that looks similar to the Tax Office website and asks for credit card and personal details.
The Tax Office never sends emails asking people to provide personal information including credit card details.
Tax Commissioner Michael D’Ascenzo said anyone who receives the email should delete it immediately.
“People should be wary of unsolicited emails claiming to be from the Tax Office.
“As an extra precaution we recommend you type internet addresses directly into your internet browser rather than clicking on links embedded in emails,” Mr D’Ascenzo said.
These websites are often set up in multiple jurisdictions making them difficult to trace and to effectively shut them down.
If people have entered their credit card information on the website, they should immediately report it to their credit card provider.
Phishing scammers have repeatedly used the promise of unexpected tax refunds to trick victims into supplying information. In recent years, very similar scams have targeted people living in the United Kingdom, the United States and Canada as well as Australia.
Tax-payers should be extremely cautious of any unsolicited email that purports to be from a Government tax office and claims that they can receive a tax refund by supplying personal information on a website. No legitimate tax office is ever likely to contact clients about a refund in this manner. If you receive such an email, do not click on any links in the message or open any attachments that it may carry. Do not reply to the email.
