Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

ATO 'Multiple Password Failures' Phishing Scam Email


Email purporting to be from the Australian Taxation Office (ATO) claims that a security check discovered multiple failed login attempts and you are therefore required to reconfirm your account information within 48 hours.

ATO Pasword Failures Phishing Scam
© weerapat

Brief Analysis

The email is not from the ATO.  It is a phishing scam designed to trick you into giving your personal and financial data to Internet criminals.


Subject: Invoice: (AA-LL-ML-04L2)

Security Precaution,

For optimal viewing of the Australian Taxation Office Web site, we recommend that you enable CSS.

We at Australian Taxation Office work hard to ensure the security of our clients,In carrying out our responsibility,We recently had cause to suspect that there has been attempts to log into your account, There were multiple password failures during the course of the illegal attempt to log into your account. Though the attempts were unsuccessfull We need you to re-confirm your account information by filling in your precise and current account information. If this is not completed within the next 48hrs, we will be forced to suspend your account indefinitely.

To re-confirm, Please Sign on and verify your identity: Sign On

Australian Taxation Office helps you to plan your financial future.

Thank you for helping us protect your account
Security Advisor

Detailed Analysis

'ATO' Email Warns of Failed Login Attempts

This email, which purports to be from the Australian Taxation Office (ATO), advises that security has detected illegal attempts to access your ATO account.

The message claims that multiple password failures were logged. It explains that, although the attempts to illegally access your account were unsuccessful, you are still required to sign into your account and verify your identity.

It warns that, if you do not click the link and revalidate within 48 hours, your account will be suspended indefinitely.

Email is Not From the ATO - Phishing Scam

However, the email is not from the ATO and you are not required to revalidate your account. The message is a phishing scam designed to steal your personal and financial information.

If you click the 'Sign On' link in the email, you will be taken to a webpage that is designed to resemble the genuine ATO website.

Once on the fake site, you will be asked to login and then fill in an online 'validation' form that asks for your address and contact details, your tax file number, and other identifying data.  The fake form may also ask for your credit card number and other financial information.

Criminals can then collect all of the information submitted on the fake site. The stolen data can be used to access your ATO account, steal your identity and commit financial fraud in your name.

An increasing number of people are accessing the ATO's services online so at least a few recipients may believe these scam emails to be genuine and comply with the instructions.

Beware of Unsolicited Messages from Your Tax Department

Tax related phishing scams are a very common criminal ploy. The scam messages target taxpayers all over the world. Many of the messages promise users an unexpected tax refund and instruct them to fill in a refund claim form by clicking a link or opening an attached file.

Again, the bogus form is designed to steal sensitive personal and financial data from recipients.

Be wary of any unsolicited email or text message purporting to be from your country's tax agency that claims that you must provide personal information by clicking a link or opening an attachment.  Your tax agency is very unlikely to request personal or financial information in this way.

If you use online tax services, always login to your account by entering the address in your browser rather than by clicking a link in a message.

ATO Pasword Failures Phishing Scam

© nickylarson

Last updated: July 30, 2014
First published: July 30, 2014
By Brett M. Christensen
About Hoax-Slayer

Phishing Scams - Anti-Phishing Information
HM Revenue & Customs Income Tax Repayment Phishing Scam
IRS Refund Scam Email
ATO 'Final Estimated Refund' Phishing Scam