Phishing scam targets SAW users

Latest phishing scam targets SAW users via text message

The Department of Revenue recently learned that scammers are sending fake SecureAccess Washington (SAW) text messages in an attempt to trick people into providing their account credentials and personal data.

The phishing text says:

“Your SecureAccess Washington (SAW) claim account is currently on hold for verification, please verify by following the instruction in the link below.”

 

Example of SAW phishing scam text message.

If you click the bit.ly link in the text, you are taken to page that asks for your username and password. The site will accept any credentials that you enter and then asks for your Social Security number, driver’s license, and mother’s maiden name. You are then redirected to the Washington State Employment Security Department login page.

The Department of Revenue and SecureAccess Washington will never send an email or text message that:

  • Asks for validation of your username and password.
  • Contains bit.ly links.

Keep your confidential information safe. Do not click on the bit.ly links in these text messages.

 

The Department of Revenue has learned of the following email spoofing campaign.

An email message with the subject line “LEGAL NOTICE FOR gtstore@retail.adityabirla.com, {YOUR U.S. $75 MILLION DOLLARS RELEASE NOTICE}{PLEASE CONFIRM YOU EMAIL RECEIVED THIS NOTICE}” was sent out as a mass mailing.

The email includes a link to:

The fake profile site shows a photo of DOR Director Vikki Smith and her bio, which can make it seem authentic, but it is not. Ignore all emails and websites ending in *.top.

Keep your confidential information safe. Do not click on either of the links or respond to the email address provided. If you are unsure of the source of an email about the Department of Revenue, please contact us directly at 360-705-6705, or any of the other methods listed on dor.wa.gov/ContactUs.

Also note that the Department of Revenue will never send businesses an email asking for validation of email or account credentials.

Phishing scam targets SAW users - May 2020

The Department of Revenue recently learned that scammers are sending fake SecureAccess Washington (SAW) emails in an attempt to trick people into providing their account credentials.

While phishing attacks have been occurring for many years, they seem particularly widespread and aggressive now due to our current economic situation combined with all of the individual financial assistance and business relief programs available from local, state, and federal governments.

In the phishing email example below, users are told they have 24 hours to correct inaccurate information or their SAW account will be restricted. The Department of Revenue or SAW administrators will never send businesses an email asking for validation of account details.

Cyberattacks often begin with phishing campaigns that try to trick you into downloading malware or provide account credentials. Now, as always, it is important to be on the lookout for emails in both your personal and work accounts that appear to be suspicious. Typos are a tell-tale sign of phishing emails.

 

Email from scammers posing as Secure Access Washington


Note: Taxpayers may receive a call from DOR agents or from the Initial Contact Team (ICT) regarding the taxpayer’s business account. DOR agents will leave a message asking taxpayers to return their call. Call back phone numbers can be for specific DOR agent assigned to a taxpayer account or from the ICT’s number, 253-661-4279. If you are unsure whether a call or message from DOR is legitimate, call Taxpayer Services at 360-705-6705 or the ICT at 253-661-4279 for additional information and assistance.