Tax season leads to an increase in tax-related phishing attacks

South Africa’s tax season is officially underway, which means that you are likely to receive some form of phishing email claiming to be from the South African Revenue Services (SARS).

These emails take various shapes and sizes, but the most common ones are demands to immediately pay outstanding penalty fees, or tips on how to easily get a tax rebate if you follow the provided list of actions. You are then either required to click on a URL, or open an attachment. Both of these methods could contain malicious software that could infect your device, or steal your personal and financial information.

Stay alert

These phishing emails are a reality and it isn’t going to stop anytime soon. You therefore need to be aware of the difference between a legitimate and fake email, website, or even SMS. To help you stay alert, the SARS website provides the following advice:

• Do not open or respond to emails from unknown sources.
• Beware of emails that ask for personal, tax, banking and eFiling details (login credentials, passwords, pins, credit / debit card information, etc.).
• SARS will never request your banking details in any communication that you receive via post, email, or SMS. However, for the purpose of telephonic engagement and authentication purposes, SARS will verify your personal details. Importantly, SARS will not send you any hyperlinks to other websites - even those of banks.
• Beware of false SMSs.

SARS has also created a webpage which provides a list of the latest tax-related phishing attacks and scams doing the rounds. You can, however, also report these types of emails to phishing@sars.gov.za, or call their Fraud and Anti-Corruption hotline on 0800 00 2870.