Scammers are posing as the State Tax Service: just one email could give attackers access to your computer
8 July 09:51
The State Tax Service of Ukraine has warned Ukrainians about a new wave of phishing attacks. Cybercriminals are sending out mass emails that appear to be official notifications from the tax service. Opening attachments or clicking on links can result in your computer being infected with malware and the loss of access to important data.
This was reported by the State Tax Service’s press office, according to "Komersant Ukrainian"
What Kind of Emails Are Scammers Sending?
The subject line of these fake messages most often reads: “Request for documents and explanations as part of a tax audit.”
In this way, scammers try to create the impression of official correspondence and force the recipient to open the attachment or click on the link as quickly as possible.
The State Tax Service emphasizes that such emails are phishing attempts and may contain malicious software.
Why are these messages dangerous?
After opening the attachment or clicking the link, a program may be installed on the computer that allows cybercriminals to:
- gain remote access to the device;
- steal personal and financial data;
- gain access to your electronic digital signature;
- take control of accounting documents;
- monitor corporate email;
- gain access to banking services.
That is why the tax authority urges people not to open suspicious files, even if the email looks official.
Watch us on YouTube: important topics – without censorship
How to Spot a Fake
The State Tax Service explained that official emails are sent only from email addresses in the @tax.gov.ua domain.
The service’s official email address is: [email protected]
Fraudsters, on the other hand, use third-party domains. One example is the address: [email protected]
If a message comes from a different domain, that’s a good reason not to trust its content.
Which attachments are the most dangerous
Files with the following extensions pose a particular threat:
- .zip
- .rar
- .exe
- .scr
It is through such attachments that malware is most often spread.
What the State Tax Service Recommends
The Tax Service advises:
- carefully check the sender’s address;
- do not open suspicious attachments;
- do not click on unknown links;
- verify information through the State Tax Service’s official website or the taxpayer’s online account;
- do not forward questionable emails to other users without warning.
Why Businesses Are at Particular Risk
Accountants, CFOs, and business executives remain the primary targets for scammers.
Due to the nature of their work, they regularly receive official documents from government agencies, so they may not immediately notice a forgery.
If an attack is successful, cybercriminals can gain access to accounting databases, digital signatures, financial documents, and the company’s internal information systems.
The tax authority reminds the public that waves of such phishing campaigns recur regularly; only the subject lines of the messages and the senders’ addresses change. Therefore, adhering to cybersecurity best practices remains one of the most effective ways to protect against fraud.
Read us on Telegram: important topics – without censorship