Spammers target Aussies at tax time

Cyber crooks are impersonating representatives from the Australian Taxation Office through malicious spam campaigns and telephone scams targeting people at tax time.

In a blog post on Sunday, Satnam Narang, a senior security response manager at Symantec, said the company had observed several malicious spam emails sent to Australians claiming to be a refund notification from the ATO.

The emails say that the recipient is eligible for a refund, and to receive it, they need to download a ZIP attachment and launch the file within it. Once downloaded, the file infects the computer with malicious software, stealing personal financial account details.

The emails are infecting computers with the Downloader.Upatre and Infostrealer.Dyre viruses. Upatre is a Trojan horse that downloads additional malicious software on the compromised computer, Narang said.

Upatre downloads Infostealer.Dyre, which has become one of the “most popular financial fraud tools in operation,” he said.

Meanwhile, hundreds of complaints have been lodged with the ATO about telephone-based scams targeting Australian citizens.

“Instead of the refund-based approach that the malicious spam emails have taken, people have reporting receiving phone calls threatening legal action unless they pay their tax debt over the telephone,” Narang said in his post.

“The scammer instructs the recipient to purchase and load money onto prepaid cards from the post office. These cam callers make use of different aliases and at some points, may adopt a threatening demeanour when speaking to taxpayers who do not comply,” he said.

Follow CIO Australia on Twitter and Like us on Facebook… Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia

Follow Byron Connolly on Twitter:@ByronConnolly