CERT and Inland Revenue are warning the public about two email scams targeting businesses across New Zealand.
Inland Revenue is warning people about a particularly sophisticated email tax scam.
IRD explains It is a phishing scam where people get an email that looks like it’s from Inland Revenue and also a form that looks very convincing. The email says the recipient has a tax refund waiting for them and that they need to update their financial information in order to receive their refund.
“We have had around 120 calls in the last 12 hours about this and we are keen to prevent people being taken,” says IRD, in a statement.
The email address appears as “Inland Revenue Department” but is actually sent from IRDxxxxx@s1.nzr.review. The address is false, but looks convincing to the layperson’s eye.
A form comes as an attachment called TaxReturn.HTM. Again it looks convincing but is fake and designed to collect personal and credit card data, says IRD.
Inland Revenue urges recipients not to open the attachment and to contact their bank immediately if they have clicked on the form and submitted any personal or credit card data.
It also recommends contacting IDcare and notify IRD at firstname.lastname@example.org
CERT, meanwhile, has also reported it has received an increase in reports of unauthorised email access from businesses.
Scammers access a business’s email accounts and send false invoices to the company’s clients and potentially other people as well.
A staff member’s email address is logged into by an unknown, unauthorised person. The scammer looks through the account to find out what a real invoice from that company looks like, and sends out false invoices, often to clients that exist in the company’s email address book. The invoices look real, but the banking details on the invoice are different.
CERT’s advice to businesses includes building good business processes for invoices, including processes for account changes on invoices and verifying invoices by voice call or SMS message – not email.