Why would Irish Revenue offer a refund in British pounds?
The Office of the Revenue Commissioners has warned of fraudulent emails and text messages purporting to come from Revenue, which are seeking personal information and credit/debit card details from taxpayers in connection with a tax refund.
The scam informs users that they are "eligible to receive a refund of 265.48 GBP" and are then instructed to complete a tax refund form accessible through a link.
This link, however, goes to a compromised French consultancy website before being redirected to a Singapore site, registered to the Singapore International Arbitration Forum.
Both sites mislead users by displaying HTTPS in the address, which suggests that the website is secure. However, this idea is a misconception.
Source: ESET Ireland
Revenue has confirmed that they have not issued these emails or text messages, adding that the Commissioners never request customers send personal information via an email, text or pop-up window.
"Anyone who receives an email or text message purporting to be from Revenue and suspects it to be fraudulent or a scam should simply delete it", a statement from Revenue reads. "Anyone who is actually awaiting a tax refund should contact their local Revenue Office to check its status."
"Anyone who provided personal information in response to these fraudulent emails or text messages should contact their bank or credit card company immediately."
Security company ESET Ireland has issued an additional warning to Irish computer users about this scam, which is redirecting people to compromised valid HTTPS secured websites that host the phishing site.
"Over the years we’ve been constantly told that HTTPS means the website is secure, but what many fail to realise is that HTTPS merely means that the communication with that site is encrypted,"
Ciaran McHale and Urban Schrott of ESET wrote in a blogpost.
"If cybercriminals manage to compromise a website with a valid HTTPS certificate, or even if they acquire a certificate themselves, the victims are given a false sense of security and end up giving up their sensitive data more easily."
