Here are a couple of new phishing scams that hit my email this morning.
Like anything, a little attention to details will help to avoid these. Of course, why the South African government would want to give me a tax refund is ridiculous to start with.
Below is the faked email from the South African Revenue Service
And here is the faked web page:
Now if you bother to click on any of the links in the left column, none of them work. However, if you are careless and click on the bank logos so you can get your refund, you get faked pages for the banks asking for what else?; Your bank log in information.
Again, none of the site links work. Once your personal information has been captured, it doesn't matter since the damage has been done.
Another dead giveaway is the web address:
As you can see, the real sars.gov.za URL is appended to the phisher's site URL to make it appear like it is going to a legitimate site.
Here is the second one I got this morning:
Looks kind of sort of legit on the surface. Until you open the attached word document that is.
Outside of the normal clues to a phishing scan, namely the poor English, a couple of nice touches are included:
Using gmail as the return email address. Like Google has to use their own free email service. If you notice, in the email address:
that foreign is misspelled, that is another clue to a scam.
And the little bit at the end about keeping it confidential. Don't tell your friends and family! Probably because they will tell you that you are getting scammed.
Any time you get something from someone who is not in your address list, be careful what you click on!