CERT and Inland Revenue are warning the public about two email scams targeting businesses across New Zealand. Inland Revenue is warning people about a particularly sophisticated email tax scam. IRD explains It is a phishing scam where people get an email that looks like it’s from Inland Revenue and also a form that looks very convincing. The email says the recipient has a tax refund waiting for them and that they need to update their financial information in order to receive their refund. “We have had around 120 calls in the last 12 hours about this and we are keen to prevent people being taken,” says IRD, in a statement. The email address appears as “Inland Revenue Department” but is actually sent from IRDxxxxx@s1.nzr.review. The address is false, but looks convincing to the layperson’s eye. A form comes as an attachment called TaxReturn.HTM. Again it looks convincing but is fake and designed to collect personal and credit card data, says IRD. Inland Revenue urges recipients not to open the attachment and to contact their bank immediately if they have clicked on the form and submitted any personal or credit card data. It also recommends contacting IDcare and notify IRD at phishing@ird.govt.nz CERT, meanwhile, has also reported it has received an increase in reports of unauthorised email access from businesses. Scammers access a business’s email accounts and send false invoices to the company’s clients and potentially other people as well. A staff member’s email address is logged into by an unknown, unauthorised person. The scammer looks through the account to find out what a real invoice from that company looks like, and sends out false invoices, often to clients that exist in the company’s email address book. The invoices look real, but the banking details on the invoice are different. CERT’s advice to businesses includes building good business processes for invoices, including processes for account changes on invoices and verifying invoices by voice call or SMS message – not email. Related content brandpost Sponsored by Freshworks When your AI chatbots mess up AI ‘hallucinations’ present significant business risks, but new types of guardrails can keep them from doing serious damage By Paul Gillin Dec 08, 2023 4 mins Generative AI brandpost Sponsored by Dell New research: How IT leaders drive business benefits by accelerating device refresh strategies Security leaders have particular concerns that older devices are more vulnerable to increasingly sophisticated cyber attacks. By Laura McEwan Dec 08, 2023 3 mins Infrastructure Management case study Toyota transforms IT service desk with gen AI To help promote insourcing and quality control, Toyota Motor North America is leveraging generative AI for HR and IT service desk requests. By Thor Olavsrud Dec 08, 2023 7 mins Employee Experience Generative AI ICT Partners feature CSM certification: Costs, requirements, and all you need to know The Certified ScrumMaster (CSM) certification sets the standard for establishing Scrum theory, developing practical applications and rules, and leading teams and stakeholders through the development process. By Moira Alexander Dec 08, 2023 8 mins Certifications IT Skills Project Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe