South Africans are expecting to hear from SARS, with Tax Season 2023 open since 7 July. Knowing this, cybercriminals will also be intensifying their email “phishing” attacks by sending emails that seem to come from SARS – often apparently notifying you of a tax refund or scaring you with outstanding debt or penalties – created to trick people into clicking on a link, sharing one-time pins (OTPs) or providing personal details.
Read on for more detail, advice on keeping safe, and useful links…
“The backbone of any successful phishing attack is a well-designed spoofed email or spoofed website, which is why it pays to have a healthy level of scepticism when it comes to opening emails and visiting websites.”
(Phishing.org)
With Tax Season 2023 upon us, expect an upsurge in scam emails, seemingly from SARS but actually clever attempts by online criminals to swindle you.
“Phishing” is a cyberattack that uses fraudulent emails made to look as if they come from a reputable source – such as SARS – to trick people into disclosing sensitive personal information or taking an action such as clicking on a link that installs malware on their systems.
While fraudulent SMSs (“smishing”) and phone calls (“vishing”) are also used, email “phishing” is the preferred method.
Examples from SARS include emails that appear to be from returns@sars.co.za or refunds@sars.co.za, notifying taxpayers that they are eligible to receive tax refunds or owe SARS money.
One of the most recent scams involves an email titled ‘eFiling Credit Request’ that asks the email recipient to click on a link to view the amount. Another scam email titled ‘Debt Management – Final Demand’ guides the email recipient to download a ‘statement of account’. New scams are popping up all the time – for examples see SARS’ Scams and Phishing webpage.
These emails contain attachments, icons or links to false forms and fake websites made to look like the SARS website, to fool people into entering personal information or sharing one-time pins (OTPs).
Those caught by phishing often suffer financial loss as well as psychological trauma, while some may be unaware that they are victims of crime. It may also result in a breach of a company’s data security, as employees often use their work email addresses to sign up to websites and email lists.
SARS’ advice to safeguard yourself
- Do not open or respond to emails from unknown sources. Beware of false SMSs.
- Beware of emails that ask for personal, tax, banking or eFiling details such as login credentials, passwords, pins, and credit or debit card information.
- SARS will not send you any hyperlinks to other websites – not even those of banks.
- SARS will never request your banking details in any communication that you receive via post, email, or SMS. However, for telephonic engagement and authentication purposes, SARS will verify your personal details.
- SARS does not send *.htm or *.html attachments.
- SARS will never ask for your credit card details.
Remember never to click on links in a suspicious email from SARS. You can email suspicious SARS correspondence to phishing@sars.gov.za. You can also check here to see all current legitimate SARS surveys, emails and SMSs.
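For readers who run a mail filter or help desk, the SARS rules above can be turned into a simple automated check. The sketch below is an added example, not SARS's or the author's own tooling; the sample message, the example.com/example.net addresses, the flag names and the keyword list are constructed assumptions.

```python
import re
from email import message_from_string, policy

# Constructed sample message modelled on the scams described above (not a real email).
SAMPLE = """\
From: SARS eFiling <returns@sars.co.za>
To: taxpayer@example.com
Subject: eFiling Credit Request
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

A credit is due to you. Confirm your banking details and OTP at
http://efiling.example.net/view to view the amount.
--b1
Content-Type: text/html; charset="utf-8"
Content-Disposition: attachment; filename="statement_of_account.html"

<html><body>constructed placeholder</body></html>
--b1--
"""

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
# Heuristic keyword list (assumption) for the details SARS says it never asks for.
ASKS_RE = re.compile(r"\b(banking details|credit card|debit card|password|otp|one-time pin|pin)\b", re.I)

def sars_red_flags(raw):
    """Return the SARS warning signs found in a message claiming to be from SARS."""
    msg = message_from_string(raw, policy=policy.default)
    flags = []
    body_text = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").lower()
        if name.endswith((".htm", ".html")):      # SARS does not send *.htm or *.html
            flags.append("html_attachment")
        elif part.get_content_maintype() == "text" and not part.is_attachment():
            body_text.append(part.get_content())
    text = "\n".join(body_text)
    if URL_RE.search(text):                        # SARS will not send hyperlinks
        flags.append("hyperlink")
    if ASKS_RE.search(text):                       # SARS never asks for these details
        flags.append("asks_for_credentials")
    return sorted(set(flags))
```

Any flag on a message that claims to come from SARS is a reason to quarantine it and forward it to phishing@sars.gov.za rather than deliver it.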
Check with your accountant
While protecting yourself against scammers, it remains crucial to ensure that all legitimate SARS correspondence to you is still promptly attended to. If you are in any doubt, it is best to check with your accountant, who will be able to verify if the request is from SARS or report fraudulent emails to the relevant authorities. That way, you are certain you are complying with your tax responsibilities, without ever falling prey to scams and fraudsters.