Taxpayers receive hoax emails purporting to be from the ATO

Some taxpayers have recently received fraudulent or hoax emails purporting to be from the Australian Taxation Office ("ATO").

The various variations of these phishing emails often share a number of the following characteristics;
• The email requests personal information by:

  • requesting that the taxpayer completes a form requiring personal information; or
  • requesting that the taxpayer verifies their identify by emailing photographs or copies of their personal identification documents.

• The email may appear to be an official ATO email, but will have been sent from an invalid or fraudulent email address rather than "ato.gov.au", such as:

  • ato.com.au;
  • ato.net.au;
  • atogov.com.au; or
  • atoguv.com.au

• The email may direct the taxpayer to an alternative website;
• The email may not address the taxpayer by name;
• There is often the promise of a large unexpected tax refund but that it is to be paid into a credit card account - which is not usual practice.

The ATO has officially released a warning about these emails which can be accessed here:

https://www.ato.gov.au/general/online-services/online-security/recognising-and-avoiding-tax-scams-and-fraud/examples-of-tax-related-scams/refund/phishing-scams/

Signs that the email may be fraudulent include, but are not limited to;
• poor grammar;
• unusual language, such as; "after the last annual calculations of your fiscal activity...'; or
• the email address is similar to "ato.gov.au" but slightly difference.

If you receive such an email and you click on the link in order to update your details, your anti-virus program should alert you to the fact that the link is to a phishing site. However, if your internet security and protection is not up to date, or you reply directly to the email, there is a real risk of monetary loss, in addition to identity theft.

If you are sent a suspicious email, please forward it directly to your Walker Wayland NSW advisor, who will be able to confirm whether the email is legitimate or fraudulent.