Let's face it, no one likes to pay tax. ;-)
With the coming of the end of the financial year (30th June), taxpayers working in Australia are preparing to lodge their income tax forms to the Australian Tax Office (ATO). It comes as no surprise then, that today SophosLabs analysts intercepted an email phishing scam pretending to come from the ATO, targeting Australian taxpayers. Like many typical phishes, the body consists of plain text stating that the recipient has received a refund from the tax department and includes a link by which to obtain the funds (known in the 'biz' as the call-to-action). To increase the chances of the email being opened, a catchy subject line is employed.
When clicking the link in the phish, it opens a bogus Tax Office website which looks quite like the legitimate PDF form from the ATO. But the kicker is at the bottom of the form, with the unusual addition of a request for credit card and other personal details.
While many of us (actually just me) groan at the prospect of having to lodge our income tax forms, it definitely pays to be alert and wary of such scams, especially during tax time. This is even more so when one is lodging returns online. Do strenuously avoid clicking on URLs embedded in emails especially unsolicited emails.
SophosLab has since blocked the above phishing scam.
FYI the actual government website for the Australian Tax Office is http://www.ato.gov.au.
That kind of reminds me, I need to do my taxes..... drats.