Sunday, 12 October 2014

Irish Tax and Customs fake emails target Irish inbox's

ESET Ireland finds more elaborate Irish Tax and Customs faked emails targeting Irish mailboxes with “tax refund” phishing.

ESET Ireland has seen a steady increase of Revenue-related phishing scams in Irish mailboxes over time. The latest one has been around since last weekend and is cleverly constructed. It appears to come from an email, which appears legitimate although it is faked and lures potential victims with the following:

'Dear Applicant,

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive tax refund.

To access your tax refund, please download and fill the Tax Refund Form attached to this email - open it in a browser (recommended mozilla firefox or google chrome)

Please submit the tax refund request and allow us 2-5 days in order to process it.

A refund can be delayed for a variety of reasons. As example, for submitting invalid records or applying over the deadline.


If you find this email in Bulk, Spam or Junk please move it to your inbox as not to jeopardize the future our communication with you. It is essential to receive all emails from us to be in touch.


Anthony Poole.

Irish Revenue Credit Office


Copyright 2014, IRISH Revenue & Customs. All rights reserved.

Below that it offers a form to be filled with ALL personal and banking details saying”Please enter your Personal Information and a valid Credit / Debit Card where you want the refund to be made.”
Needless to say, things will happen to victims accounts if they do this, but “receiving a refund” will NOT be one of those things.

Irish Revenue warns of these scams on their website: “If you receive an email purporting to be from Revenue and you suspect it to be fraudulent or a scam please forward it to Alternatively, you can contact your tax district to check the status of any refund that may be due.” They also point out that“Revenue will never send emails which require customers to send personal information via email or pop-up windows.”

Stay informed about latest threats by following our blog