The latest fast-breaking phishing scam to hit email inboxes appears to email users that it has been sent from the Australian Tax Office.
As you can see below, the email is very simple with little text in the message body and no attachments. The recipient is then asked to click a link in order to claim a tax refund.
This link takes the user to a fake website which looks legitimate as it contains Government logo for the ATO. As you can see, the tab says 'Australian Taxation', however if you look carefully at website address circled in 'RED', it is not the legitimate ATO government website - www.recipesbyshatec.sg/ato/
As per standard phishing emails, the aim is to get a person’s personal details, and in this instance they are seeking credit card details. Under no circumstances should you ever fill out any personal information on this page or any other suspicious looking site.
The ATO never sends out emails asking for personal details. It is advised that you delete this email if you have received one.
Utilising multilayered defence is always the preferred method to mitigate risks in a business. This includes installing desktop anti-virus, anti-malware, anti-spyware, and using cloud-based email filtering and web filtering services. Also keep in mind, if an email seems suspicious or just too good to be true, it most likely is. Check with your IT team if you are unsure before deleting.
As these type of scams become more common, you should also share this information to help warn others, including friends, family and work colleagues. The community needs to be made aware that these type of emails are doing the rounds, so they don't become a victim.
Need more tips for identifying fake emails? You can find out more at our blog Don’t Click That! Your Guide To Cyber-attacks And Tips For Being Cyber Safe Within Your Business