Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share







Australian Taxation Office 'New Rules' Malware Emails

Outline
Emails purporting to be from the Australian Taxation Office (ATO) claim that new rules for ABN numbers are being introduced and that recipients should follow a link in the message to access more information about the changes.



Brief Analysis
The emails are not from the ATO. Links in the messages lead to a fraudulent website that harbours malware. If you receive one of these emails, do not click any links or open any attachments that the message may contain.

Bookmark and Share
Detailed analysis and references below example.



Scroll down to submit comments
Last updated: 15th September 2011
First published: 15th September 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Australian Taxation Office New rules

Australian Taxation Office together with Australian Business Register
wants to inform you that starting from January, 1 2012 new rules of use of ABN number are being introduced.

The changes will concern:
- GST credits;
- Australian domain names registration

More detailed information about the coming changes in the rules you can find HERE.

Australian Business Register
www.abr.gov.au



Detailed Analysis
A large number of fraudulent emails purporting to be from the Australian Taxation Office (ATO) is currently being distributed by cybercriminals . The messages claim that new rules regarding the use of the Australian Business Number (ABN) are set to be introduced. The emails urge recipients to click a link to read more detailed information about the supposed rule changes. Some versions have the subject line "Australian Taxation Office New rules". Others have the subject line "Attention for the ABN owners" or "Attention to all holders of TFN \ Business name". There may also be other subject line variations.

The messages are not from the ATO. Links in the emails lead to a bogus website that harbours malware. Those who visit the bogus website may be tricked into downloading and installing this malware. Once installed, the malware may collect passwords and other personal information from the compromised computer and relay it to Internet criminals. The scam messages use From lines disguised so that they appear to be genuine ATO email addresses.

The Australian Government has issued a warning to the public about these malware emails via its Stay Smart Online Alert Service. A warning about the malware emails has also been published on the ATO website.

The versions of the scam emails that I have received so far have the actual message contained in an attached .txt file that contains HTML code. If you receive an email claiming to be from the ATO, do not open any attachments that it may contain. Do not follow any links in the email. Do not reply to the email. The ATO will never send you a generic, unsolicited email that asks you to open an attachment or supply or access information by following a link.

Bookmark and Share References
Potentially malicious spam emails are circulating about the ATO - SSO-AL2011-025
ATO - Phishing Scams



Last updated: 15th September 2011
First published: 15th September 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer