The Tax and Customs Authority (AT) has released an alert public to give an account that some taxpayers are receiving fake emails sent on behalf of the tax authorities, requesting to settle the alleged tax debt.
in A note published on the Portal of Finance, AT explains that the fraudulent message has as its objective "to convince the recipient to download a file with malicious content", trying to convince him that doing the download of this file could move forward with the process of settling the tax.
To view the message type with which the attackers try to convince the recipients to take this step, the AT released an image with the reproduction of one of these emails.
Example of a fraudulent message (image, released by AT) DR
The false message is sent as an "Important Notice", assuming the logo and the color combination, dark blue and white, of the tax authority. In the body text, the recipient is informed that there are tax execution proceedings on his behalf, and that, not the smoothing, would be included in the list of debtors to the AT, that would be updated by the services of the tax administration.
A nuance: this list is public when a taxpayer singular has debts above 7500 euros (or ten thousand euros, in the case of the companies), only that, in the message forged, the alleged debt that would give rise to entry in the black list do not amount to 2500 euro.
Subscribe to the free newsletter and receive the best of today and the work the deepest of the Public.
Assuming to speak in the name of the AT, the attackers come "recommend" the amount to be paid to the taxpayer to avoid appearing in the list which will be updated in the Portal of Finance, and present the "total debits" on a given date. Then, under the indication "Download", accompanied by the symbol of the E-Invoice, the system of the OT that has nothing to do with the debt settlement, appears the link not to load. "In any case, you should perform this operation," noted the treasury.
Another important detail to take into account: this fake e-mail, the recipient is treated only by "Notifying(the) Lord(the)", and not by full name and by its number of the taxpayer, as is the practice in the authenticated e-mail AT.
following up on this alert, the AT provides a leaflet on computer security, with recommendations and details to which taxpayers should be aware of to identify fraudulent email messages or windows authentication fake playing the Portal of Finance.