You are here:
Home… I want to...… Report a suspicious activity… SARS Phishing Attack
SARS Phishing Attack
SARS Phishing Attack
A large number of South Africans were randomly emailed a “spoofed” email from a forged email address, returns@sars.co.za, indicating that they were eligible to receive their TAX Refund of RX, XXX.XX. The recipients were provided with a link in the email to a “SARS form” with the aim of fooling taxpayers to fill in the form to claim their return.
This is a typical phishing scam which is usually carried out by e-mail and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is a criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by hiding as a trustworthy entity in an electronic communication (spoofed email address).
The email was as follows:
The link “click here” pointed to a website (see below, it has since been closed), resembling the SARS eFiling website. It asked the taxpayers to populate the form with their names, bank details, credit card number and the card pin before submitting the form.
This is a scam and SARS taxpayers should take note of the following:
• Do not open or respond to emails from unknown sources.
• Beware of emails that ask for personal, tax, banking and eFiling details (login credentials, passwords, pins, credit / debit card information, etc) as SARS will never ask taxpayers for such information in an email.
To report or to get more information on phishing, please send an email to Infosec@sars.gov.za or call the Fraud and Anti-Corruption Hotline on 0800 00 2870.
|
