Thursday, September 29, 2011

Alert: Incorrectly filled tax form NAT3799 from

I’ve received a number of emails lately which have been faked to appear to be from the ATO. I’d recommend you delete these emails.

What is particularly interesting with these emails is who the emails are addressed to. When I check the To and CC fields they contain a number of my emails address that I use publicly. Not just one, but a number. That is the first time I’ve seen anyone do that. It shows whoever has the mailing list is now consolidating the email addresses. Perhaps it is an attempt to hit an entire organisation in the one go leading people to think the information may be legitimate. All it needs is one person in the organisation to think the email might be legitimate and others may be encouraged to check it out.

The email displays correctly if viewed using an Apple iPhone, but is malformed if received using Outlook. In Outlook the message appears as an attached text file and there is no body to the message. It is very obvious to Outlook users this message is a fake.

It is important that you delete suspicious emails. I read yesterday that up to 85% of malware infected computers are now caused by people visiting web sites controlled by hackers. These sites may be legitimate sites where hackers have gained access and installed code or code to redirect people to another site. The owner of the site may have no knowledge they’ve been hacked. In the past the email attachment was a major cause of infection. Now it appears the main cause has moved to people visiting web sites which uses exploits in unpatched software the user has on their machine to infect their computer.

I’d highly recommend that you don’t let curiosity get the better of you. Clicking on a link in an email you receive could end up costing you a lot in both money and inconvenience. If an email appears suspicious, it probably is.

Kelvin Eldridge
