Tax Refund Emails From the Australian Taxation Office just a Malware.
Reportedly, an email message is being circulated that appears to be sent from ATO/Australian Taxation Office and informs the recipients that they have become eligible for tax refund.
To know the details about the surprise windfall, users are encouraged to open an attached file for reviewing the tax amount.
The fact is this email hasn’t been sent from ATO and thus, the tax refund news serves as the bait through which the attackers entice people for opening the .exe malware attached file.
Here is an example email:
Those you get trapped by the alluring tax refund strategy are then asked to unzip the attached a.exe file, which if they click will immediately install a Trojan on that computer device. This Trojan, after being installed, will invite other malware programs on that computer, obtain personal credentials and financial data and pass it on to cybercriminals that are responsible for this malware attack.
This is not a first-of-its-kind attack since criminals often utilize this method for stealing sensitive personal and financial info. Numerous versions of phishing scams like this one are tried for tricking the users into filling fake forms so that their banking and credit card details are somehow acquired as well as critical personal information.
However, the abovementioned version is somewhat different trick to get people into installing malware but like direct phishing attacks it is also designed to let criminals obtain sensitive data that is later used to commit credit card and bank fraud and perform identity theft.
You need to be very cautious nowadays and remember that even if your country’s tax office claim that you will receive an unexpected tax refund it will never ask you to enter sensitive personal information at all.