Australian Tax Refund Spam Again…

It is now Australian Tax Refund time again. And right on cue, spammers have re-emerged with phishing scams; they would never miss this opportune moment to steal money. So, what does this year’s taxation spam look like?

It appears the spammers have learnt one important lesson from past years and that is to stick to the Keep It Simple Stupid (KISS) philosophy. The scam message is only 732 bytes long and contains a few eye-catching phrases in both the subject line and the message body.

Hold on… but where is the dodgy call-to-action? Where is the fake link? Where is the accompanying dodgy PDF document of yesteryear?

This time, it is nefariously hidden in the HTML attachment, which contains only a simple meta refresh link. In this way, when the email is opened, the attachment automatically (without any further user intervention) redirects the recipient to a bogus Australian Tax Office (ATO) website, which then attempts to harvest the victim’s credit card information.
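The meta refresh trick described above is easy to spot if a mail gateway or analyst actually looks inside the HTML attachment. The following is an added example (not code from the Sophos post) that parses an HTML attachment, pulls out every `<meta http-equiv="refresh">` redirect, and flags the attachment when a zero-delay redirect points at a host outside an allow-list; the sample attachment and its `example.invalid` URL are constructed for illustration, and the `trusted_hosts` allow-list is an assumption you would tune for your own environment.

```python
"""Detect meta-refresh redirects hidden in HTML email attachments.

Added example for illustration; not code from the original post.
The sample attachment below is constructed, and its URL is a placeholder.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Matches a refresh content attribute such as: 0; url=http://host/path
# Group 1 is the delay in seconds, group 2 the target URL (quotes optional).
_REFRESH_RE = re.compile(
    r"^\s*(\d+)\s*;\s*url\s*=\s*['\"]?([^'\"\s]+)['\"]?\s*$", re.IGNORECASE
)


class MetaRefreshParser(HTMLParser):
    """Collects every <meta http-equiv="refresh"> tag in the document."""

    def __init__(self):
        super().__init__()
        self.redirects = []  # list of (delay_seconds, target_url)

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "meta":
            return
        # Attribute values may be None for valueless attributes; normalise.
        attr = {k.lower(): (v or "") for k, v in attrs}
        if attr.get("http-equiv", "").strip().lower() != "refresh":
            return
        match = _REFRESH_RE.match(attr.get("content", ""))
        if match:
            self.redirects.append((int(match.group(1)), match.group(2)))


def find_meta_refresh(html_text):
    """Return all (delay, url) meta refresh redirects found in html_text."""
    parser = MetaRefreshParser()
    parser.feed(html_text)
    parser.close()
    return parser.redirects


def classify_attachment(html_text, trusted_hosts=("ato.gov.au",)):
    """Flag an HTML attachment that auto-redirects to an untrusted host.

    trusted_hosts is an assumed allow-list; a real deployment would
    maintain its own. A redirect with delay 0 fires with no user action,
    which is exactly the behaviour the phishing attachment relies on.
    """
    findings = []
    for delay, url in find_meta_refresh(html_text):
        host = (urlparse(url).hostname or "").lower()
        trusted = any(host == h or host.endswith("." + h) for h in trusted_hosts)
        findings.append({
            "delay": delay,
            "url": url,
            "host": host,
            "auto_redirect": delay == 0,
            "trusted_host": trusted,
        })
    suspicious = any(f["auto_redirect"] and not f["trusted_host"] for f in findings)
    return {"suspicious": suspicious, "redirects": findings}


# Constructed sample attachment; the URL is a placeholder, not a real site.
SAMPLE_ATTACHMENT = """<html><head>
<meta http-equiv="Refresh" content="0; URL=http://refund-portal.example.invalid/ato/login">
</head><body>Please wait while we redirect you to your tax refund...</body></html>"""


if __name__ == "__main__":
    verdict = classify_attachment(SAMPLE_ATTACHMENT)
    print("suspicious:", verdict["suspicious"])
    for finding in verdict["redirects"]:
        print(f"  delay={finding['delay']}s host={finding['host']} url={finding['url']}")
```

Run as a script it prints the verdict for the constructed sample; in a gateway you would call `classify_attachment()` on the decoded body of each `text/html` attachment and quarantine or annotate the message when `suspicious` is true. Matching on the parsed `http-equiv` attribute rather than grepping for the string "refresh" keeps the check robust against mixed case and extra whitespace, which is why the parser is used instead of a plain regex over the whole file.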

Will we be seeing more of these phishing scams? There’s no doubt we will. Be it from the UK or the USA, it appears that tax time is a very lucrative opportunity for spammers and phishers. As usual, it is wise to be extra careful of unsolicited emails, especially those that appear to come from the government.

And yes, SophosLabs has already blocked this kind of phishing scam.