Australians at threat from ATO email phishing scam
It is believed that 70 million emails were sent on 30 August - more than 1 in 25 of all emails sent in Australia that day - purporting to be from the Australian Taxation Office and warning people about a problem with their tax return.
Anti-virus company Trend Micro said most of the scam emails were blocked by spam filters but many managed to get through.
The attack came in two parts. The first was an email that directed people to enter their personal details using a fake page setup to look like it was the official ATO website. When users clicked to submit their information, ‘key log’ malware was installed on their computers which was used to access their banking information.
It has been estimated that 8000 Australians visited the phishing website.
Residual attacks also occurred the following day and three times in early September. Unlike most phishing scams which tend to come mainly out of eastern Europe, these attacks came from within Australia.
John Papandis, public relations manager for Trend Micro, said it was really hard to be able to tell how many people were taken in by the scam because their research suggested at least some people click on the links deliberately to mess around with cyber criminals.
“Were 80 per cent just playing with it, while 20 per cent were getting tricked? It's impossible to say,” he said.
The ATO said it received thousands of reports from the community regarding “bogus emails using the ATO brand”, as well as thousands more about phone scams.
Technology market research firm, The Radicati Group, estimated that approximately 294 billion emails were sent per day, in 2010, meaning more than 2.8 million emails are sent every second and about 90 trillion emails are sent per year.
Ninety percent of the millions and trillions of messages are spam or viruses, according to the report, with only about 1.9 billion users sending legitimate emails.
Identity fraud costs the Australian economy $1 billion every year, according to the Transactions and Reports Analysis Centre.
The Australian Bureau of Statistics estimated that $1.4 billion had been lost due to consumer scams and personal frauds, including identity theft and credit card fraud. It also found that 6.4 million Australians aged 15 and over were exposed to a scam between 2010-2011, of which 514,500 became scam victims.