Number of tax-related emails increases in Australia

Jun 29, 2015 16:27 GMT

Tax season is just ahead in Australia, and scammers have started their assault with tax-related emails in an attempt to deliver malware or point potential victims to phishing websites.

One of the latest ruses is to trick users with messages claiming to come from alleged tax advisors, and even from the Australian Taxation Office (ATO) itself.

Crooks try to make the email as credible as possible

In a sample picked up by Hoax Slayer, the fraudster alerts the recipient that the revenue service is to organize tax inspections the next week, and says the purpose of the message is to help make sure that everything is prepared and that the taxes have been calculated correctly.

To achieve this goal, a form is attached and should be filled in with all the details. However, the document is actually a piece of malware.

The cybercriminals put some effort into crafting the message, as they included a license number for the inspectors and provided a phone number for the potential victim to call for additional explanations.

The attachment is a ZIP archive containing an executable file disguised as a PDF document. Launching it would install a downloader that funnels in a piece of malware, which could be anything from a banking Trojan to ransomware.
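A mail gateway or analyst can flag this kind of attachment before anyone opens it. The following is an added example, not code from Hoax Slayer or Symantec: it checks each ZIP member for an executable extension, a document-style double extension, and a PE header that contradicts the file name. The extension lists and the sample file names are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumed, non-exhaustive lists chosen for this example.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx"}


def _ext(name):
    dot = name.rfind(".")
    return name[dot:].lower() if dot != -1 else ""


def inspect_zip(data):
    """Return [(entry_name, [reasons])] for suspicious members of a ZIP."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.rsplit("/", 1)[-1].strip()
            ext = _ext(name)
            # Extension hidden before the real one, e.g. "form.pdf   .exe".
            inner = _ext(name[: -len(ext)].rstrip()) if ext else ""
            with zf.open(info) as fh:
                magic = fh.read(4)
            reasons = []
            if ext in EXECUTABLE_EXTS:
                reasons.append("executable extension " + ext)
                if inner in DECOY_EXTS:
                    reasons.append("double extension imitating " + inner)
            if magic[:2] == b"MZ":
                reasons.append("PE header (MZ)")
                if ext in DECOY_EXTS:
                    reasons.append("named " + ext + " but content is a PE file")
            elif ext == ".pdf" and magic != b"%PDF":
                reasons.append("named .pdf without a %PDF header")
            if reasons:
                findings.append((info.filename, reasons))
    return findings


def build_sample():
    """Constructed archive: a benign PDF stub and a disguised PE stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.pdf", b"%PDF-1.4\n% constructed benign stub\n")
        zf.writestr("tax_form.pdf.exe", b"MZ" + b"\x00" * 62)
    return buf.getvalue()
```

Password-protected archives cannot be read this way and should be treated as suspicious on their own when they arrive unsolicited.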

Dyre banking malware spotted in some campaigns

Researchers at Symantec recorded increased activity in Australia from tax-related email campaigns delivering Dyre banking malware. The messages pretended to be from the ATO and lured users into executing the attachment by informing them that they were eligible for thousands of dollars in tax refunds.

Australians should be particularly vigilant at this time of the year about taxation issues communicated via email, SMS, or over the phone.

Crooks often resort to calling victims directly and posing as ATO officers who threaten them with jail time over unpaid debts; as a way out, they offer victims the possibility of paying over the phone, rushing them into buying prepaid cards of a certain value and telling the callers the code.