Danger! Tax fraud through fake emails in circulation!

Danger! Tax fraud through fake emails in circulation!

The tax authorities are currently warning of an increasing number of fraud attempts that manifest themselves through fake emails. These messages appear to come from the tax administration or the well-known online portal “Elster”. The State Tax Office states that the emails look deceptively real and use the magpie logo and a light green star.
In addition, general salutations such as “Dear Customer” are often used. In many cases, a tax refund is promised or you are asked to confirm your Elster account.

The main goal of these fraudulent emails is to obtain recipients' personal data, login details or banking information. In order to put pressure on those contacted, urgent wording is often used. The state office expressly advises against replying to such emails, clicking on links or attachments and deleting suspicious messages. Taxpayers should be aware that the tax administration never asks for sensitive data via email and that tax data or notices are generally not sent as email attachments.

IT security at ELSTER

IT security in the ELSTER process is guaranteed by the federal and state financial administrations. Particular emphasis is placed on protecting confidential information and ensuring the availability and integrity of the processed data. The system is subject to strict legal requirements, such as the Tax Code (AO), the Tax Data Retrieval Ordinance (StDAV) as well as the Federal Data Protection Act (BDSG) and other state-specific data protection laws.
ELSTER services will be available in a later date ISO 27001 certified IT infrastructure that documents the complete implementation of IT-Grundschutz.

The electronic transmission of tax data takes place via the Internet in an encrypted form in order to protect tax secrecy. Hybrid encryption is used here, which corresponds to the latest security technology. To ensure the integrity of the transmitted data, a hash code is used. In addition, the security of the ELSTER process also takes into account the security functions of third-party software.

In summary, it is essential that taxpayers handle any type of communication that supposedly comes from the tax administration or ELSTER with caution. Protecting personal data is essential to avoid falling victim to phishing attacks.