IRD SMS/Text Alerts

Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor.

To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification.

If investing please consider our affiliate link for new accounts: Sharesies.

Forums › Finance and wealth management › IRD SMS/Text Alerts

dimsim

848 posts

Ultimate Geek

Trusted

Lifetime subscriber

#272767 14-Jul-2020 21:39

My 15yo Son received the message below from 5678 this morning

Given the language (IRD here..) and the fact that he 15's and at school with no need to complete a tax return - nor do the IRD have his mobile number AFAIK. I assumed that this was simply a phishing or scam like text and told him to delete it but send a screenshot to phishing@ird.govt.nz

He's just received an email back From: phishing <phishing@ird.govt.nz> and according to Gurpreet, the Cyber Security Analyst it was "This is a genuine communication from Inland Revenue"

What are these people on? I communicate all the time with IRD and have never once received a helpful text warning me to file a return, why on earth would they send one to a 15yo school kid?

Oblivian

7304 posts

Uber Geek

ID Verified

#2523133 14-Jul-2020 22:01

Got their own bank accounts?

Think you still need a tax # and RWT for that

djtOtago

1158 posts

Uber Geek

#2523138 14-Jul-2020 22:09

Could be a genuine text, just sent to the wrong number.
How long has you son had his current number?

Oblivian

7304 posts

Uber Geek

ID Verified

#2523139 14-Jul-2020 22:10

The other gotcha may be if it's a recycled prepay number someone never updated their record of. I use to get reminders my son medical checkup was due in Akl.

I don't have one. Nor live there. Someone who use to have my work number before I started signed up for errrything. Including Entering those timeshare holiday crap

/snap

Oblivian

7304 posts

Uber Geek

ID Verified

#2556729 4-Sep-2020 09:12

Funny how we started this..

I just got one. Despite my ird acct having email as preferred contact. No mobile number listed. And physical address there (postal blank, but its the same so who cares right..)

Yet my mobile gets a txt.

freitasm

BDFL - Memuneh
79316 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2556734 4-Sep-2020 09:21

Since that SMS has a link I would be suspicious of a phishing attack - even though the message looks like a legitimate one, confirmed by IRD, who knows who sent that. In any case go to the IRD website and update whatever is needed but don't click the link.

Oblivian

7304 posts

Uber Geek

ID Verified

#2556737 4-Sep-2020 09:28

I went to it externally to confirm, since there appears to be no way of viewing the url encoded. Hence the findings.

But same premium num, same formatting as a above (which was verified). Probably the person from 20yrs ago who had this number moved again (same one I got hospital check-up notices for their kid)

Goes to show how dodgy it can be giving mobile out

floydbloke

3525 posts

Uber Geek

ID Verified

#2557010 4-Sep-2020 14:23

Sorry, drifting off-topic here but the whole URLs within SMS message has piqued my curiosity.

Are links actually encoded within SMS messages, or is it the app parsing the content, recognising URL syntax and offering it up to the user as a clickable link? And in the case above, showing a 'preview' a la Facebook posts and messenger?

Did Eric Clapton really think she looked wonderful...or was it after the 15th outfit she tried on and he just wanted to get to the party and get a drink?

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

Oblivian

7304 posts

Uber Geek

ID Verified

#2557062 4-Sep-2020 14:57

It's right it's at app level. Android Alla Google hooking the http link, giving an optional preview button which my fat finger has hit at some point.

but you can't long pause and get a preview URL or anything like that in case it's hidden behind href link mask like an email.

presumably that adds to it's legitimacy but it's out of the blue given my online ird account has no mobile number listed

halper86

547 posts

Ultimate Geek

ID Verified

#2557143 4-Sep-2020 15:58

Just a few examples of texts that I have received since I got an new, recycled number

dimsim

848 posts

Ultimate Geek

Trusted

Lifetime subscriber

#2557220 4-Sep-2020 19:11

seems to me that quite a few of these so-called convenience messages are pretty poorly conceived in a security context.

i guess most of this is due to the fact that I don't know enough about how these texts are generated and the process involved.

at least with spf/dkim/dmark organisations can specify authorised hosts to send legitimate correspondence from and receivers can choose to receive of reject based on this. my mail servers reject and messages that fail spf as a minimum but im still surprised by how many organisations have no clue about how this works.

floydbloke

3525 posts

Uber Geek

ID Verified

#2557235 4-Sep-2020 19:44

Thank you all. If nothing else you've at least helped me to take a second look at txt messages and think before I click.

Did Eric Clapton really think she looked wonderful...or was it after the 15th outfit she tried on and he just wanted to get to the party and get a drink?

dimsim

848 posts

Ultimate Geek

Trusted

Lifetime subscriber

#2557306 4-Sep-2020 21:58

djtOtago:

Could be a genuine text, just sent to the wrong number.
How long has you son had his current number?

This was some time ago now I know - but he's had that number for a few years and it is an on account number as part of my vodafone account not a prepay number so I don't think this was the issue.

Also as per my op, IRD have had all of my contact details for decades (and specifically my mobile number for the last two decades) and I've never once received a message like he received.

This is simply just odd, but apparently legitimate communication via a medium (sms) that most people (for the meantime anyway) still take notice of, unlike junk email.

Oblivian

7304 posts

Uber Geek

ID Verified

#2557316 4-Sep-2020 23:31

I'm tempted to call and ask if mine was intended for me, and if so what other govt dept donated my details sure my profile doesn't have it.

Mines a 17yr old 6 digit work number that i tend to sign up for stuff with. Cause, you never know if they'll take it off you

freitasm

BDFL - Memuneh
79316 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2557343 5-Sep-2020 09:44

dimsim:

djtOtago:

Could be a genuine text, just sent to the wrong number.
How long has you son had his current number?

This was some time ago now I know - but he's had that number for a few years and it is an on account number as part of my vodafone account not a prepay number so I don't think this was the issue.

Also as per my op, IRD have had all of my contact details for decades (and specifically my mobile number for the last two decades) and I've never once received a message like he received.

This is simply just odd, but apparently legitimate communication via a medium (sms) that most people (for the meantime anyway) still take notice of, unlike junk email.

There's always the possibility someone transposed a number when entering it in the form - those are not checked via a SMS confirmation (like some websites don't confirm email addresses and that's why every few days/weeks some get emails supposed to be for other people).