The need to treat any email with caution has been further heightened with a clever attempt to phish IRD credentials – presumably in an attempt to hijack your personal details.
Titled: ‘GST Return is due’ is the first warning sign, given the date the email was sent.
The use of legitimate artwork adds to the ruse, raised by the lure of a $673 refund.
Then you’ll remember no government department will reveal a dollar amount in an email. The red flags become clearer.
Inspecting the email sender address (clearly not from the IRD or a .govt.nz service) and the ‘Login’ link (again not the IRD or a .govt.nz website) validates why this email was correctly labelled as spam. However not everyone’s email service is going to be that diligent.
That’s where you must be always on high-alert.
The recent Waikato DHB security breach was revealed to be caused by an email. Despite the best email filtering there will always be a group who attempts a new way through.
There are two methods to protect yourself:
- Don’t click any links in emails (especially those you are unsure of).
This is likely tracked and your email address will be flagged as one that clicks links (even if you don’t proceed any further),
- Log into websites directly. You will find in any email from the IRD they don’t provide links to the website.