Criminals send fraudulent phishing emails in the name of the Federal Ministry of Finance (BMF).
As our cooperation partner Watchlist Internet warns, users are asked to update their data in order to enable a tax refund.
Do not follow the instructions as you could suffer significant financial loss! It is an attempt to steal your personal and account information.
You may find what appears to be an email from FinanzOnline in your inbox that promises you a tax refund. All you have to do is follow the link provided to correct your data.
The phishing email is designed by the Federal Ministry of Finance. The content of the email with the subject “Tax refund” is as follows:
On November 19, 2018, 3:49 p.m., FinanzOnline [email protected] wrote:
Tax administrationWe hereby inform you that our attempt to make a repayment to your known account was unsuccessful.
Please log in to your tax refund portal to process the refund manually. During the process, you can update the account information you have on file.
Payment date: August 2, 2018
Invoice number: BMF/88UIA7TT/ATH778TAR
Amount: € 1,941.75 EURNOTE: This email is considered the official billing receipt for this refund.
If you follow the link in the message, you will land on a website that is again based on the design of the Ministry of Finance. While the page looks confusingly similar to the original, the URL is relatively far from the real one:
We performed data entry for testing purposes. Under no circumstances should you do this with your real data, as this will give your information to criminals!
The next step takes you to a selection of different banks that are common in Austria. For example, Bank Austria, Bawag PSK, EasyBank and Raiffeisen Bank are listed here. After selecting your bank, you will be redirected again. This time you will be taken to a page that imitates the login page for your bank's online banking access in a surprisingly realistic way. The most noticeable difference here is the internet address.
Here is the fraudulent login page:
For comparison, here is the real Bank Austria login page:
As soon as you have entered your user number and PIN on the fake login page, you will be notified that the tax refund has been transferred to your account and that you will receive a notification from your bank within 5 days.
The fraudsters now have all the disclosed data, such as name, address or telephone number, and can log into their victims' online banking account.
How can you recognize the fake news?
There are a few points that will tell you that this is not a genuine Ministry of Finance mailing:
- The Federal Ministry of Finance does not send messages informing you about specific tax refunds. Such deliveries are made by letter. The message can therefore be classified as dubious in terms of content.
- You will not be addressed personally in the message. This is a common procedure for standardized circulars in order to ensure the largest possible circle of recipients. Serious messages address you by name.
- If you hover your mouse over the link that is supposed to take you to update your account information without clicking it, you will see that it leads to a foreign website.
Have you been a victim of fraud?
If you have provided your personal details, contact your bank immediately and discuss the next steps with them.
The sooner you do this, the higher the chances of avoiding financial damage. Also, file a criminal complaint with the police and explain that you have been a victim of fraud.
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )