Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Cybercriminals Target Australians with an ATO Tax Refund Phishing Scam

Watch out for fake Australian Taxation Office emails
  • 17 June, 2009 10:43

<p>Symantec recently observed a fresh round of phishing scams targeting the Australian Taxation Office (ATO). Cybercriminals are distributing emails that falsely claim to be from the ATO and offer online tax refunds. The emails bear the tax office logo and lure consumers to visit the phishing link to complete the fake tax refund request. Some phishing links direct Australians to a fake tax refund form, requiring them to input details such as their Tax File Number, credit card number and ATM pin. If a consumer completes the form and presses the ‘print’ button, these details are quickly submitted to the cybercriminals.</p>
<p>Online fraudsters are getting smarter and more sophisticated when it comes to executing their scams as consumers are becoming more aware and educated about phishing tactics. For example, rather than asking intended victims to respond by email, which many know not to do, this particular scam asks intended victims to supply their details and print off a form, even providing a mailing address so that the form can be processed.</p>
<p>To help protect personal information Symantec recommends the following:</p>
<p>Always maintain a level of caution around any messages from within a website or that appear to be sent by a website. If a user clicks on a link, double-check the actual domain that is shown at the top of the page. It’s best practice to type the direct Web address directly into your address bar rather than rely upon links from a message</p>
<p>Maintain an up-to-date browser and operating system. Use security software and check out web safety services, where a community of web users collaborate to report dangerous phishing and malware sites</p>
<p>Double check you’ve arrived at the correct destination. When clicking over to the ATO (or any site) make a habit of looking at what appears in the address line. You might not always be able to spot a fake site but in the case of this particular scam, it’s obviously not</p>
<p>Be suspicious of requests to enter your account name and password</p>
<p>Don’t click on suspicious links or email attachments</p>
<p>Additional information can be found here:</p>
<p>Press Contacts:</p>
<p>Jasmin Athwal</p>
<p>Max Australia</p>
<p>+61 2 9954 3492</p>
<p>Debbie Sassine</p>
<p>+61 2 8220 7158</p>

Most Popular

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Media Release

More media release