24 B Dick St, Cambridge

Mon- Fri: 08:30–17:00
07 827 7119

24 B Dick St, Cambridge

Convincing IRD Scam

There is a sophisticated scam doing the rounds at the moment – an email purporting to be from the IRD, offering refunds. It looks all very official, you can check out what the scam email looks like in this article in Stuff. And it’s almost perfectly timed to coincide with the real tax refunds that have been paid out recently. In fact it even takes advantage of the fact that IRD have been asking people to update their bank details in order to make sure their refund goes to the right place. Of course this should happen via MyIR, not via a dodgy email.

But the clever part is that it doesn’t look very dodgy at all. There aren’t spelling mistakes or grammatical errors and the link they’ve created even looks legitimate  – I would say this email has been created as an almost direct copy of a real IRD email. These scammers have gone to some lengths to make it look real and I would bet money that they’ve hooked a few unsuspecting victims. It makes me wonder whether the classic Nigerian Prince emails etc are part of an elaborate ruse to lull us into dropping our guard.

Here are the giveaways provided to Stuff by the IRD:

  • Real IRD emails do not have a personalised greeting
  • Real IRD emails do not provide details of amounts owed or owing
  • The IRD numbers are wrong, they’re even the wrong format
  • Hovering over the link will show you a destination which has ird in it, but does not go to ird.govt.nz


The basic strategy of emails from IRD is to let you know that action is required within the safety of MyIR, so they don’t provide any details in their emails – that’s the biggest clue that this email is bogus. It seems that this scam involves entering your credit card details which should be a big red flashing light – why would the IRD need your credit card details to refund money to you?

The Stuff article says that about 900 people have already reported this scam. If you have received it please delete it, do not click on any link within it, or follow any other instructions.

If you have received it and have already clicked on the link and followed instructions please contact your bank immediately, then us. We can help make sure that they have not compromised your computer in any way, or fix it if they have.