sb-nz logo
Story image

Inland Revenue says watch out for tax refund scams

07 Jan 2019

Inland Revenue is warning New Zealanders to be vigilant about any ‘tax refund’ emails they receive that appear to look genuine.

Inland Revenue, which is undertaking a ‘Changing for you’ campaign, recently sent out genuine emails to more than two million New Zealanders about proposed tax changes regarding automatic tax assessments and other changes.

However it didn’t take long for scammers to pick up the scent and take advantage of the campaign for their own benefit.

Inland Revenue customer segment leader Bernadette Newman says scammers are sending convincing-looking emails, but there are key details that show that it’s a fake.

“The e-mail asks you to complete the steps below to release money owed to you. There’s a link to fill in a form with advice to ‘just fill it in and get your returns in order now’,” says Newman.

One of the emails, which copies genuine Inland Revenue and New Zealand Government logos, appears to come from provider@ird-taxingreturn.co.nz – which is not Inland Revenue’s email address.

“When you receive an e-mail like this, purporting to come from IRD, don’t click on it – but use your mouse to hover the web address and make sure it’s for a real Inland Revenue website.” Inland Revenue’s ‘Changing for you’ campaign details how automatic tax refunds can be issued to eligible customers if Inland Revenue holds customers’ up-to-date bank account information. This can be updated through myIR, the secure online portal, which is password protected."

Inland Revenue will be sending more emails about the campaign in the new year.

“You will know you’re in safe hands if you’ve been directed to myIR where a valid log-in is required,” says Newman.

“Unfortunately, scammers and phishers will try to take advantage of the volume of e-mail we’re sending and try to access bank accounts and steal people’s money. It’s important to know what a fraudulent e-mail looks like. 

“You don’t want your summer holidays ruined by a scammer so take the time to check your e-mail and delete the fakes.”

Inland Revenue will never:

• email you with the amount of your refund (only within myIR) or send you an e-mail, knock on your door or phone you promising a tax refund.

• ask you to pay money to release a tax refund. 

• send you an email with a hyperlink to a webpage that asks you to submit your personal information. 

• demand payments through NZ Post or a gift card.

If you receive a text scam message or a fraudulent call, email phishing@ird.govt.nz.

Story image
Video: 10 Minute IT Jams - Radware VP on the challenges of cloud security
In this interview, Techday speaks to Radware vice president of technologies Yaniv Hoffman, who discusses the primary challenges facing IT organisations in terms of their cloud security apparatus.More
Story image
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Story image
Infrastructure-as-code, and how it can secure the cloud
Bridgecrew recognised IaC early on as one of the best ways for modern teams to delegate security ownership to individual contributors while distributing it across existing frameworks within CI/CD pipelines. This attribute meant that IaC was invaluable in securing cloud-native environments.More
Story image
Thycotic releases new integrations to bolster account governance
“Service accounts are often left defenceless, even by enterprises with established programs for privileged user security."More
Story image
Gartner: Top security and risk management trends for 2021
“CISOs are keen to consolidate the number of security products and vendors they must deal with."More
Story image
IT leaders prioritising automation, Zero Trust and API-based security investments
"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fuelled explosion in distributed and remote work has created a perfect storm for network security teams."More