We’ve written about phishing scams targeting Irish Revenue in great detail before. Here, here and here. And here. And here. You get the picture. But, because a picture is worth a thousand words, here are some more pictures of one of the varieties, so you can avoid it, if you encounter it.
1. It starts with an email:
2. Then asks you to start handing over your personal info:
3. Then pretends it’s doing something important:
4. Then fakes an exact amount you’re allegedly due and asks you for your card details:
5. Then tries to appear legit, by possibly texting you a “secure code” (if you gave them your number too):
6. Then it pretends it’s doing something important again:
7. Then it tells you you’ll soon get some money:
8. Then it redirects you to the actual revenue site:
9. Then the scammers try to abuse your credit card and take money from you.
You know the drill by now. Think before you click, delete, mark as spam, warn your friends, stay safe online.
screenshots by Ciaran McHale, Security Engineer at ESET Ireland