L’Revenue Agency warns against one email containing false payment requests of taxes not due on presumed income obtained from cryptocurrencies or on online trading. It’s about phishing, a form of online fraud similar to “trawling”. Here’s how to recognize it and how to manage it.
The Revenue Agency issues a phishing alert
The Agency warned taxpayers with a I notify published on June 6, 2024. The fraudulent emails come from a PEC address of the Revenue Agency and are mainly characterized by the presence of high amounts, calculation schedules of the taxes set by the Italian State and requests for mandatory advance payment of a percentage of the amount to be credited. In its message, the Agency reports an example based on the Tether cryptocurrency (Usdt), but scammers can potentially develop infinite variations on the theme.
The new strategy of scammers
The novelty of this latest phishing alert is that compared to the past, it seems that scammers have raised the bar: in addition to emails sent automatically to a general number of users, the unfortunate people could also be reached by phone calls or letters: malicious scheme – it is explained – could also be part of false telephone communications coming both from Italian numbers That foreign (for example with prefix +44) and sending it to the unfortunate person documents artfully manipulated.”
The documents may contain some of the following elements:
- Revenue Agency logos;
- calculation statements and fake tax bills;
- signatures of top figures, possibly also from other administrations;
- grammatical errors, punctuation errors and omissions in the text;
- threats of involvement of a debt collection body or registration on the register;
- imposition of tight deadlines that instills a sense of urgency in the user.
What to do if you are a victim of phishing
The recommendations in these cases are always the same: lend the maximum attention And don’t click on any link contained in the fraudulent emails. Don’t download any attachments from these emails. Attachments may also contain malicious links.
And then again, don’t provide login credentials, personal data or the Bank account details. Behave this way whether you are contacted by email or by phone. Public bodies are already in possession of users’ personal data. Every request in this sense must be considered an attempted scam even if it is justified in the most varied ways (temporary blocking of databases, error in transcribing data, etc.).
In case of doubts about the veracity of a message received from the Agency, it is always preferable to check whether it is a known case of phishing, consulting the “Focus on phishing” page of the institutional website of the Revenue Agency, contacting the contacts available on institutional portal agenziaentrate.gov.it or directly to the territorially competent office.
If you realize too late that you have fallen into a trap, contact your bank for to block the bank transfers made or to block the credit (or debit or prepaid) cards for which the numbers have been provided. Then contact the police to report the case. Anyone who has clicked on fraudulent links should update theirs antivirus to the latest version and immediately perform a thorough scan.
