Date: 2021-12-14

Christmas is approaching and, as always, scam attempts against web users are multiplying. Even the Revenue Agency, as a public administration, is not safe from having its name exploited by malicious actors trying to lend legitimacy to fraudulent messages.

When it comes to data security risks, we often talk about phishing, and many of us will have fallen for it too. It is a technique used to try to steal confidential information such as a credit card number or the access credentials for systems such as online banking.

In recent hours some news portals have reported a new scam involving the Revenue Agency that would exploit the Agency's PEC email. QuiFinanza has verified the veracity of this scam, but at the moment there is no official position from the AE.

In any case, since it is always good to stay alert and know what to do, we report what some sites have circulated. The new scam said to be targeting the AE would have these characteristics.

First, the message would come from the self-styled sender “dc.liquidazione5.noreply@pec.agenziaentrate.it”. This address is very similar to the one the Agency has used several times for communications about payments due. But be careful, because the AE’s original email address is “dc.gt.liquidazione1.noreply@pec.agenziaentrate.it” or “dc.gt.liquidazione2.noreply@pec.agenziaentrate.it”. In this case, the “gt” part would be missing.

Another element that should make us suspicious is the subject of the email: “PERSONAL RESERVED: ID_COMUNICAZIONE: 014601731900100 [ENTRATE|AGEDC001|REGISTRO COMUNICAZIONI|9280886|07-12-2021]198559244”. Something very strange indeed.

Finally, the text of the alleged email, which leaves no doubts as to whether it is a scam:

Regarding the communication attached to this email, we would like to point out that: The communication was generated automatically; We therefore ask you not to reply to the address from which it was sent. The verification of the digital electronic signature affixed as well as the subsequent extraction of the signed objects can be carried out thanks to applications made available free of charge online: for details, consult the website of the Agency for Digital Italy: http://www.agid.gov.it at the page http://www.agid.gov.it/agenda-digitale/infrastructure-architecture/firme-elettroniche/software-verifica. This communication is addressed to the Certified Electronic Mail box attributable to the company registered in the business register. If the box does not correspond to the actual recipient of the message, please report it to the commercial register office. For any clarification and information about the content of the communication, it is possible to use the contact channels with the Agency indicated in the irregularity report.

What should you do to defend against this type of attack? How do you know if an email is suspicious? First of all, explains the Revenue Agency, start by asking whether the message comes from a known sender, then check whether it is written in correct Italian. Next: is it addressed to us personally? Is it well “constructed”, i.e. are the characters used consistent, or does it look like a patched-up copy and paste? Does the text flow smoothly and make sense? Failing even one of these checks is enough to prudently treat the message as dangerous.

If there are links in the message, the first check is whether the address shown when you hover the mouse over the link matches the link text. It is always advisable to be wary of shortened links (for example those of the bit.ly type), which do not let you know in advance what the destination address is. If there are attachments, always check that they have only one extension (for example .docx and not .docx.exe).
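The sender, link and attachment checks described above can be automated for mail triage. The following Python sketch is an added example, not code from the Revenue Agency or the article; the function names and the sample message are constructed for illustration, and the sender list contains only the two addresses quoted in the article.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

PEC = "@pec.agenziaentrate.it"  # legitimate senders as quoted in the article
KNOWN_SENDERS = {"dc.gt.liquidazione1.noreply" + PEC, "dc.gt.liquidazione2.noreply" + PEC}
SHORTENERS = {"bit.ly"}  # the article's example; extend locally

class Links(HTMLParser):  # collects [href, visible text] for each <a> element
    def __init__(self):
        super().__init__()
        self.pairs, self.open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.pairs.append([dict(attrs).get("href") or "", ""])
            self.open = True
    def handle_data(self, data):
        if self.open:
            self.pairs[-1][1] += data
    def handle_endtag(self, tag):
        self.open = self.open and tag != "a"

def host(url):
    return (urlparse(url if "://" in url else "//" + url).hostname or "").lower()

def triage(msg):  # returns findings from the article's sender/link/attachment checks
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    findings = [] if sender in KNOWN_SENDERS else ["unknown-sender:" + sender]
    for part in msg.walk():
        name = part.get_filename() or ""
        if name.strip(".").count(".") > 1:  # more than one extension, e.g. .docx.exe
            findings.append("multiple-extensions:" + name)
        if part.get_content_type() == "text/html":
            parser = Links()
            parser.feed(part.get_content())
            for href, text in parser.pairs:
                text = text.strip()
                if host(href) in SHORTENERS:
                    findings.append("shortened-link:" + href)
                elif "." in text and " " not in text and host(text) != host(href):
                    findings.append("link-mismatch:" + text + "->" + href)
    return findings

def constructed_sample():  # constructed message modelled on the article, not a real capture
    m = EmailMessage()
    m["From"] = "dc.liquidazione5.noreply@pec.agenziaentrate.it"
    m.set_content('<a href="https://bit.ly/x">details</a> <a href="http://example.test/p">www.agid.gov.it</a>', subtype="html")
    m.add_attachment(b"x", maintype="application", subtype="octet-stream", filename="notice.docx.exe")
    return m
```

To run it on real mail, parse the message with `email.message_from_bytes(raw, policy=email.policy.default)` so that `get_content()` is available. The sender check only compares the displayed From address, so a match is not proof of origin.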

If in doubt about the real origin of a document received by email, rather than opening it, it is preferable to contact the sender by other means (a telephone number or an official email address) and ask for confirmation. The Revenue Agency never sends communications containing taxpayers' personal data by email.