Eset warns Irish users to avoid this convincing Revenue email scam

6 Dec 2018

Image: © Rawpixel/Stock.adobe.com

A detailed tax refund phishing scam is hitting inboxes around Ireland, Eset says.

Cybersecurity firm Eset has issued a warning over an email phishing scam that could allow criminals to access financial information from unwitting victims.

The email, purporting to be from Revenue, reads: “Due to a technical issue, we are unable to process your tax refund and the procedure is currently on hold. In order to resume the process please follow the instructions detailed on our dedicated site 24/7 to get your tax refund now.”

A convincing scam

Clicking on the link within the email takes the victim to a credible-looking fake Irish tax and customs page, which is even using the ‘https’ signifier to make its site look credible. While there is an additional element in the address that indicates it may be fake, few people actually read the full addresses of the sites they frequent with an eagle eye. 

The site then asks the user for the name on their credit or debit card, as well as the funds currently available on it. If this data is entered, the next page asks for the rest of the card details. This could enable cybercriminals to exploit the person directly or even engineer other scams, potentially draining the account of the target.

A screenshot from Eset displaying the convincing Revenue scam website.

Screenshot from the scam website. Image: ESET

Revenue phishing scams are becoming sophisticated

At the end of the page, it displays what appears to be refund details for €469.24, using the name of Allied Irish Banks to make the scam appear more legitimate. Cybercrime analyst Urban Schrott noted that scams relating to Revenue have been ongoing for many years now and criminals are continuing to perfect their techniques.

He said the perpetrators are “fine-tuning and optimising their scamming techniques to appear more credible and trustworthy, making it harder for their victims to detect the scam in time and avoid it”.

Eset advises users to delete the email without clicking on any links, and mark it as spam. It also added that warning friends and family about the racket is important.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com