A new attempt to circumvent is circulating in the name of the Tax and Customs Authority (AT). The alert is simple: if you received an email with the subject “Full Guide for Settlement”, delete it immediately. It is a fraud designed to mislead taxpayers, leading them to introduce sensitive data on a fake page.
How does this fraudulent scheme work?
The message, with the subject “Full Guide for Settlement”, which at first sight simulates official communication, is presented as a notification of irregularities detected in the tax situation of the recipient.
In the body of the email is included an appealing button with the “go to the page” inscription, which redirects to a suspected domain housed on the Amazon AWS server: a legitimate cloud accommodation service, but is often explored by attackers to host fraudulent content.
In the present case, the address included refers to “https://redenegociacaosaoluisade.s3.us-east-east-.amazonaws.com ”, suggesting that it is an external connection that has nothing to do with the official channels of the Tax Authority.
The destination page mimics the finance portal and requests the introduction of access credentials, a phishing scheme already used in other similar contexts.
OBJECTIVE: steal access data and simulate operations
According to cybersecurity experts, this type of fraud has as its main objective the robbery of access to the Finance Portal, in order to access personal data, submit statements on behalf of the taxpayer or even request refunding for fraudulent bank accounts.
O site Money Vivo warns that this type of campaigns “are solely purposeless to obtain improperly authentication data or induce the payment of fictional amounts.”
We recommend:
What to do if you receive this message?
According to the OT itself, their services never send emails with links to direct access to authentication pages, nor do they request the insertion of passing words outside the official channels.
The recommendation is clear: Do not click any link, do not provide any data and immediately eliminate the message.
If in doubt, you can always confirm the veracity of communication through the Finance Portal or directly contact the AT support line.
Frauds are increasing: how to protect yourself?
This is not an isolated case. The Tax Authority has been reinforcing notices regarding the proliferation of phishing campaigns, especially in sensitive periods such as IRS delivery.
The National Center for Cybersecurity () also advises users to carefully verify the sender of emails and never rely on messages with spelling errors, suspicious addresses or excessive urgency.
To protect yourself, you should activate authentication of two factors whenever possible and use updated safety software.
In case of improper access or suspected data theft, it is recommended to file a complaint to the competent authorities and immediately contact the bank or the entity.
Also read:
