Consumers hit by scam emails purporting to be from Revenue
Irish internet users are being targeted by scam emails purporting to be from the Revenue Commissioners.
The fraudulent mails, with the subject line “Tax Refund Application” , claim to inform recipients that they are owed €138.50 as a tax refund.
The messages include a link to a webpage purporting to be that of “Irish Tax and Customs” and ask that the recipient to supply personal information on this page to avail of the refund.
In an effort to appear legitimate, the contents of the email are in Irish and in English.
However, internet security firm Eset Ireland said an Irish speaker would swiftly recognise “the translation as a poor Google Translate job”.
It also noted the scammer’s “sloppy copy-paste” even removed all the accented characters from the text, which also makes it rather useless, but
Nonetheless, Eset Ireland said an average unfamiliar user could still be fooled by the fact the mail and forged website are “rather official-looking”.
if consumers happen to clink on the provided links they are brought to a website at www.comunespoleto.gov.it, which is an Italian address, then redirected to an Australian-hosted fake website, registered in USA, equipped with all the official markings of Irish Tax and Customs.
“Phishing mails like this one, using a relatively rare language to address potential victims, show how the cybercriminals are targetting even small countries, just for a chance of profit,” Eset Ireland said.
“The long global path of the scam (Irish targets via Italian link via Australian site with an American site registration) on the other hand shows the complexity of the global business that is cybercrime.”
The European Consumer Centre in Ireland typically advises consumers to delete any such emails and not to click on any links.
“Such links can contain malware or viruses which allow scammers to gather personal details on the consumer and defraud them of money,” it says.
“Consumers should contact their local tax office in case of uncertainty, and remember that no government or financial institution would ask for sensitive data such as passwords, PIN or account numbers via email.”
Source The Irish Times