“Good Samaritan” scam email claims to have your tax info: Is it time for SMEs to get real on cyber security?

scam email phishing

A scam email purporting to be from a kind citizen who has mistakenly received your tax information hit inboxes last week in a crafty new take on phishing emails, with experts warning businesses it’s finally time to get real about cyber security.

The email, uncovered by MailGuard, claims to be from a “Good Samaritan” Australian who has mistakenly received the individual’s tax details and is hoping to confirm the details in order to resolve the situation.

The sender, whose name changes in each email sent, asks individuals if they are the owner of a certain domain name, which MailGuard reports are correctly identified. This suggests scammers are using domain ownership identifier tools such as Whois to correctly identify web domain’s owners to increase the effectiveness of the scam.

“I am contacting you to solve this problem because I have never worked in your company. What should we do? Please answer me as soon as you read the document,” the email states.

In the body of the email the scammer provides a legitimate looking “link” to the ATO website or pages of other international tax agencies. However, once clicked the link actually downloads a compromised Microsoft Word document, which installs malware on the user’s’ computer.

In a blog post, MailGuard chief executive Craig McDonald said the email “employs various tactics to help fool recipients”, including appealing to a user’s’ sense of curiosity and using the “original tact” of claiming they have never worked for the company.

“The scammers have also made efforts to ensure only Microsoft Windows users can download the Word document. Those using Macs or running Linux cannot download the file,” McDonald said.

Founder of IT services business Combo David Markus tells SmartCompany scammers will continue to change their tactics and draw on curiosity-piquing tactics like in this case, with the best solution being an “education of the masses”.

“It boils down to people not responding to emails that aren’t from a known source and only clicking on linked things in emails that come from a known source,” Markus says.

“Ninety percent of emails out there are spam, and a good percentage of those are now scams.”

An example of one of the emails. Source: MailGuard.

Markus advises recipients of emails like these should consider the likelihood of an individual actually having your tax details. He also acknowledges, however, that scammers are becoming more personal and more crafty every day.

“I got one last week that said one of my friends was in a fatal accident, and that I had to contact this person immediately. It was so disturbing I felt compelled to click on it because I thought it might have the slightest chance of being real,” he says.

“I was able to override the sense of a need to click, but it was cleverly enough written that I nearly did.

“It’s only a matter of time until hackers have enough information about us to put together hundreds of highly personalised phishing emails a week.”

Due to this, Markus believes it’s time for businesses to get real about their cyber security protection and implement systems that stop phishing emails from ever hitting user’s inboxes.

Markus thinks while costs for businesses were once about buying the necessary tools and services to prevent an attack, now that many businesses already have these tools, more will have to be spent on protecting businesses from the possible fallout of an attack.

“The cyber security space is where significant costs to businesses will start to come from. Most businesses have all the other tools they need, and when cyber security issues start to impact their entire network, it becomes how do we protect businesses from that,” he says.

“When a business the size of TNT gets taken out by a cyber attack, you can’t blame the users. The business needed to have some systems in place that stops these emails at both a firewall level and a email inbox level.”

“In an age where computers are so dominant in business, disaster recovery and security are more important than ever.”

SmartCompany contacted the ATO, and was referred to a media release warning Australians about handing out details to scammers at tax time.

“We have already seen a five-fold increase in scams from January to May this year and typically expect further increases during the tax time period,” assistant commissioner Kath Anderson said in the statement.

“Already this year, the ATO has registered over 17,067 scam reports. Of these, 113 Australians handed over $1.5 million to fraudsters with about 2,500 providing some form of personal information, including tax file numbers.”

Never miss a story: sign up to SmartCompany’s free daily newsletter and find our best stories on TwitterFacebook, LinkedIn and Instagram.


Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments
Herbert Graf
Herbert Graf
5 years ago

To find out if an email is OK, hover over the link with the cursor and the address will be shown in the bottom left corner of the browser window.

SmartCompany Plus

Sign in

To connect a sign in method the email must match the one on your SmartCompany Plus account.
Or use your email
Forgot your password?

Want some assistance?

Contact us on: support@smartcompany.com.au or call the hotline: +61 (03) 8623 9900.