Beware fake tax refunds in South Africa

Despite e-filing season nearing its end, malicious parties are still taking advantage of the period to scam South Africans out of their money.

MyBroadband readers waiting to hear if they have received a refund have reported that they have received emails and messages telling them that their refund is available.

To receive this refund, the messages state that they must simply click on a link within the message.

However, this is a phishing scam, and clicking on this link is a trap. An example of this scam can be viewed below.


Tax filing season

Mimecast cybersecurity expert Brian Pinnock said that tax season is a popular time for malicious parties to steal users’ personal and financial information.

“Tax season is phishing season, and cybercriminals are preying on unsuspecting taxpayers through a range of sophisticated phishing techniques that could put their personal and financial information at risk,” said Pinnock.

According to Pinnock, email is a popular avenue for phishing scams during the tax season.

“Email remains a highly attractive method of attack for cybercriminals, especially during periods – such as our current tax season – where consumers are likely to send and receive sensitive personal and financial information via email.”

“What’s highly concerning is that 45% of South African respondents in our latest survey reported an increase in targeted spear-phishing attacks containing malicious links or attachments.”

Pinnock explained that spear-phishing relies on social engineering, meaning it is well-researched and difficult to spot.

“It’s not only individual taxpayers that are at risk: organisations with insufficient security and a lack of end-user awareness are easy targets for sophisticated attacks that could put their systems – and their data – at risk,” said Pinnock.

Warning from SARS

SARS has warned that South Africans should be wary of scammers impersonating the revenue service.

“Members of the public are randomly emailed with false “spoofed” emails made to look as if these emails were sent from SARS, but these are in fact fraudulent emails aimed at enticing unsuspecting taxpayers to part with personal information such as bank account details,” said SARS.

“Examples include emails that appear to be from [email protected] or [email protected] indicating that taxpayers are eligible to receive tax refunds.”

“These emails contain links to false forms and fake websites made to look like the “real thing”, but with the aim of fooling people into entering personal information such as bank account details which the criminals then extract and use fraudulently.”

SARS offers the following advice to taxpayers:

  • Do not open or respond to emails from unknown sources.
  • Beware of emails that ask for personal, tax, banking and eFiling details.
  • SARS will never request your banking details in any communication that you receive. However, for the purpose of telephonic engagement and authentication purposes, SARS will verify your personal details. Importantly, SARS will not send you any hyperlinks to other websites – even those of banks.
  • Beware of false SMS’s.
  • SARS does not send *.htm or *.html attachments.
  • SARS will never ask for your credit card details.

SARS has also published examples of scams that have come to its attention on its Scams and Phishing page.

Now read: South Africa’s new e-Visa system is live – Everything you need to know

Latest news

Partner Content

Show comments


Share this article
Beware fake tax refunds in South Africa