Contributor: Nolan Kent
It’s nearly the end of the fiscal year in Australia, which means it is almost time to prepare those tax returns. Scammers are acutely aware of this fact and have already launched malicious spam campaigns and telephone scams claiming to be from the Australian Taxation Office (ATO).
Figure. Malicious spam email claiming to be from the Australian Taxation Office
Malicious spam campaign We have observed a number of malicious spam emails sent to Australians claiming to be a refund notification from the ATO. The emails note that the recipient is eligible for a refund, and in order to receive it they need to download a ZIP attachment and launch the file within it.
Symantec products detect the file inside of the ZIP attachment as Downloader.Upatre. Upatre is a Trojan horse that downloads additional malicious software onto the compromised computer.
In this case, Upatre downloads Infostealer.Dyre, which has become one of the most popular financial fraud tools currently in operation. Knowing this, it’s clear that the scammers behind this campaign are looking to harvest financial account information from Australian citizens. You can learn more about the Dyre financial Trojan’s rise and the dangers associated with it in our blog and technical paper.
Telephone-based scams In addition to malicious spam campaigns, hundreds of complaints have been lodged with the ATO about telephone-based scams targeting Australian citizens.
Instead of the refund-based approach that the malicious spam emails have taken, people have reported receiving phone calls threatening legal action unless they pay their tax debt over the telephone. The scammer instructs the recipient to purchase and load money onto prepaid cards from the post office. These scam callers make use of different aliases and at some points, may adopt a threatening demeanor when speaking to taxpayers who do not comply.
Four tips for staying safe this tax season It’s always wise to remember that scammers are opportunists and tax season is a time of the year that is universally considered a hotbed for malicious and scam-related activity. When preparing to file your tax returns this year and every year, follow these four tips.
Protection Symantec and Norton products detect the threats discussed in this blog as Downloader.Upatre and Infostealer.Dyre.