tax refund notificationA high priority alert has just been issued from Stay Smart Online in regards to malware-carrying emails supposedly from the Australian Taxation Office, which could send your credit file into the doghouse. Most people who regularly read this blog will probably be well aware of the high prevalence of scam emails designed to capture your financial details either directly or through malware. They would also be well aware of the dangers that can pose for your ability to obtain credit in your own right if fraudsters steal your identity and pose as you to take out credit in your name. But we feel it is important to remain vigilant in warning the community when such emails are on the increase. They could just catch out someone you know. So we look at the details on this email and its variants, and what dangers it poses for the financial information of ordinary Australians.


By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and

Today Stay Smart Online (the government’s online safety website) issued a warning about cyber criminals taking advantage of the upcoming tax deadline for filing tax returns by launching thousands of scam emails. The emails are purporting to be from the ATO, but contain malware which can steal your personal information.

Security firm Bitdefender reported the detection of three email spam campaigns in late July and early August that saw up to 10,000 spam emails sent on 6 August. This surpassed the 3,000 messages sent on 23 July and the 5,000 messages sent on 15 July.

“This sort of malicious outbreak is expected to continue heavier and more targeted as the tax time approaches its deadline in October,” a Bitdefender advisory warned. “Attackers hope their targets are too concerned with their financial duties to double check the sender’s address and discover the con.”

If your system is infected by the malware in these messages, private data such as passwords and logins for financial institutions can be stolen and distributed to cyber criminals who will exploit it for financial gain.

If your computer becomes infected, not only can personal information be stolen, but malware may force the computer to join a global ‘botnet’ that uses thousands of slave computers to distribute further malware-laden emails—or it might take part in distributed denial of service (DDoS) attacks. Among other things, this can seriously reduce the effective speed of a home Internet connection.

What the emails look like…

Most common spam emails

‘Australian Taxation Office – Refund Notification’, with body text including ‘TAX REFUND NOTIFICATION’. It instructs you to open an attachment called ‘’ or similar. The attachment is typically malware.

‘New information regarding lodgement’ and suggests that the ATO has been attempting to refund a payment to “the credit card we have on file.” Recipients are advised to log into an ‘e-portal’ to receive the refund manually, and that “during the payment process you will be given the opportunity to update the credit card that is on record.”

Important Information…

The ATO will never ask for such information via email. Any email that requests additional information before a refund can be released is a hoax.

If you receive a message like this, do not under any circumstances open the attachment. Delete the message immediately. Never open attachments that arrive with these sorts of messages.


Identity theft and your credit file

Identity theft can lead to fraud, and can affect your credit file. It often goes undetected until the victim applies for credit and is refused.

Any kind of credit account (from mortgages and credit cards through to mobile phone accounts) which remains unpaid past 60 days can be listed as a default by creditors on the victim’s credit rating, and those defaults remain there for 5 years.

The consequence of people having a black mark on their credit rating is generally an inability to obtain credit.  Most of the major banks refuse credit to people who have defaults, or even too many credit enquiries, so it is really essential to keep a clean credit record.

If you think your identity has been stolen, or that your personal information has been compromised there are three things you should do to protect your credit file:

1. Contact Police immediately

2. Contact the credit reporting agencies which hold your credit file.

3. Contact your Credit Providers – especially financial institutions.

If you think your tax file number has been stolen, you can visit the ATO’s Client Identity Support Centre for more help. They also give comprehensive advice on what to do in different situations of theft of your personal information.

By law in Australia, if a listing contains inconsistencies the credit file holder has the right to negotiate their amendment or removal.

But to clear their good name, the identity theft victim needs to prove to creditors they did not initiate the credit – which can be difficult. Not only are victims generally required to produce police reports, but large amounts of documentary evidence to substantiate to creditors the case of identity theft.

Contact for more details on credit repair following identity theft.

Image: Stuart Miles/

Bookmark and Share