The South African Revenue Service (SARS) has confirmed that it cannot reverse unauthorised changes to a taxpayer’s profile
Image: GCIS
The South African Revenue Service (SARS) has confirmed that it cannot reverse unauthorised changes to a taxpayer’s profile or recover refunds once they have been redirected by fraudsters.
Last week, it was reported that the revenue collector warned taxpayers that criminals have developed a new scam designed to steal personal information under the guise of a tax refund audit.
According to SARS, the latest scam involves an SMS that claims that a revenue collector is auditing a tax refund.
"The latest scam is an SMS indicating that SARS is conducting an audit on a Tax refund. The link leads you to a phishing website, aimed at stealing your information."
In an interview with broadcaster Newzroom Afrika earlier this week, SARS Commissioner Edward Kieswetter said victims of tax scams should immediately report the incident to their bank’s fraud unit, as some banks may still be able to detect or stop suspicious transactions.
"Unfortunately, we can't once taxpayers have breached their own confidentiality or allowed someone access to change their bank details, for example, so that they can divert refunds, but some of the banks do have phishing detection software, and if a taxpayer has been fraudulently accessed into the bank account, the bank hasn't picked it up, taxpayers should also inquire with their banks".
He stressed that SARS would never ask for personal details such as passwords or banking credentials via SMS or email.
"We really caution taxpayers not to press through on links that appear via text messages because these will not be coming from SARS," .
He added that SARS was also working with the Hawks and the South African Police Service (SAPS).
“We conduct our own criminal investigations, and we start working with the Hawks and the prosecution authorities fairly early,”
Kieswetter said that while SARS was making use of tools like two-factor authentication and one-time PINs to help prevent unauthorised access, in most cases of fraud, taxpayers have inadvertently shared their passwords, either with friends, family members, or, in some cases, even tax practitioners.
“We find almost always password breaches.is when taxpayers unwittingly share their password,” he said.