Taxpayers, attention! Phishing attack is ongoing. Fake e-mails containing malicious software are being sent

In recent days, the fact of mass distribution of e-mails purporting to be on behalf of the State Tax Service of Ukraine, containing a link to download a file, has been recorded. In case of following attached link, a file will be downloaded to your computer, opening which will lead to the launch of a malicious program, which will create technical opportunities for covert unauthorized access to personal computers.

With this in mind, we inform you that such messages are sent from electronic mailboxes that have nothing to do with the State Tax Service of Ukraine.

We address to payers to pay special attention to the e-mail address of the letter’s sender and check its authenticity.

Paragraph 2 of Resolution of the Cabinet of Ministers of Ukraine № 851 as of 21.10.2015 "Some usage peculiarities of domain names by state authorities in the Ukrainian segment of Internet" (with changes) (hereinafter – Resolution of the Cabinet of Ministers of Ukraine № 851) stipulates that:

"Ministries, other central authorities of executive power, Council of Ministers of the Autonomous Republic of Crimea, regional, Kyiv and Sevastopol cities state administrations must ensure:

"use by officials for official correspondence exclusively of electronic mailboxes located on servers located in the domain zone GOV.UA or .UKR".

Considering above specified, it should be informed that the State Tax Service does not use e-mail addresses registered in the "klenba.cz" domain for official correspondence.

Official registered domain of the State Tax Service is "tax.gov.ua", and therefore all official e-mail addresses of the State Tax Service must necessarily contain domain name "tax.gov.ua" as the second part of the name (after the "@" symbol).

Herewith, we emphasize that there is a real danger of infecting personal computers with viruses distributed by the e-mail. A characteristic feature of such letters is presence of attached .zip or .rаr format files, as well as files with the extension .scr, .exe. Task of the attackers is to mislead the user into opening the attachment.

Phishing e-mails contain a link or the attached file with an archive that contains software to gain remote access to the users’ computers.

It is recommended not to open attachments in suspicious messages.

Personal cyber hygiene should be observed using the e-mail. Be careful and attentive opening the attachments, even if they come from known recipients. Since the attackers can mask the sender’s address, you should not open attachments received via the e-mail without first confirming that the e-mail was sent by the sender.

При користуванні електронною поштою потрібно дотримуватися особистої кібергігієни. Бути обережними та уважними при відкритті вкладень, навіть якщо вони надійшли від відомих адресатів. Оскільки зловмисники можуть маскувати адресу відправника, не слід відкривати вкладення, отримані засобами електронної пошти, без попереднього підтвердження факту надсилання електронного листа його відправником.