We’ve all received the email from the Estate of the Nigerian Price informing us that we are the beneficiary of his will and if you provide some personal details they will send you some money.

We all know to simply delete these emails, but those people that are looking to obtain your money by deception are getting pretty good at. Unless you are diligent, it can be easy to accidentally click where you aren’t supposed to and provide information to those who will use it for evil.

Fraudsters are often trying to impersonate entities that are relevant in the accounting and taxation sphere, such as the ATO and ASIC, or by claiming to have a tax return ready to be signed via DocuSign.

Below are some tips to help you avoid becoming a victim

1) Check the “from” email address.

Email addresses (and the internet as a whole) use a very strict naming convention (called DNS). All website pages and email addresses belonging to MCA Accountants for example end with “mcaaccountants.com.au”. We control that DNS name and it’s almost impossible for someone to use it without our permission.

Someone looking to send a fraudulent email in this case would need to use a different DNS name. Some examples of names that might fool people would be:

  • mcaaccounts.com.au
  • mcaaccountant.com.au
  • mcaaccountants.org
  • mcaaccountants.microsoft.com.au
  • mcaaccountants@gmail.com

Very similar, but not the same.

2) Check where every hyperlink is sending you

Hyperlinks are that part of an email or webpage that send you to another webpage upon clicking on it. Most of the time they display as underlined blue text, however the formatting of a hyperlink can be customised.

What is displayed on your screen is not necessarily an indication of where that hyperlink is sending you. The below hyperlinks all send you to the same page of our website, but are displayed very differently:

The safe way to work out if these are legitimate and safe hyperlinks is to hover over them (without clicking).

If you are viewing a webpage, the web address that the link will actually send you to will be displayed in the bottom left corner of your screen (tested with Firefox, Chrome, & Internet Explorer. If you use a different web browser it may display in a different location). below is an example from our website:

If you are viewing an email, hovering over the hyperlink will show the web address in a little pop up box as per the below example:

If the web address shown doesn’t look legit, don’t click on it. In the above link, the website we would be sent to is owned by eoaclk.com (this email was purportedly from ASIC, so we would expect that to be asic.gov.au if it were legit).

3) Check the language

Have a look at the use of “dear customer”, how generic an email seems, or whether the business name is present or not.


For example, there is an email going around that looks like it’s from DocuSign that asks you to click on a link to view your tax return. The email looks very similar to one that comes out from our system, so you could be forgiven for believing that it was sent from us except upon close inspection the “from” address is docusigner.org, not docusign.com and the language is generic and states “your accountant”, not MCA Accountants.

Businesses do employ the use of templates and standardised systems (so don’t just automatically delete any generic looking email), but 99% of the time those templates are linked into their client data so that bulk email outs will still contain things like your name.

4) Be forever skeptical

Many tips across the web on this topic will say “legitimate businesses will never ask for your personal details via email”. It’s a good rule of thumb, but not quite true.

Large organisations (like a bank) never will because they tend not to have that close 1-on-1 relationship with their customers. Small businesses like ourselves are a little different and will occasionally ask you to click on a link in order to provide information of some sorts.

If there is any doubt, call the business that has purportedly sent you the email. By the way, don’t call the phone number listed on the email that may be fraudulent, look it up yourself. If the business has a close enough relationship with you that it feels it can ask for information via email, they also won’t mind taking your call and having a chat about it.

5) Be wary of attachments

Before we get into too much detail… make sure you have an up to date virus scanner on your computer!!

Virus’ and other malicious code is most commonly executed on your computer via one of the following methods:

  • A Microsoft word document that is attached to an email will contains a “macro” which will install the virus. Later versions of MS Office will block macros in downloaded files for this very reason, but it is easy to override this setting (or click “yes” on the pop up box that asks you to run the macro).
  • An “executable” file (if you look at a file, you can tell what type of file it is by the 3 letters after the last “.”. For example:
    • In “myfile.doc”, the .doc at the end indicates a word document
    • In “invoice.xls, the .xls indicates an excel document
    • In “refund.exe, the .exe indicates an executable file
    • In “package.zip, the .zip indicates a zip file (more on zip files in a second)
    • In invoice.doc.exe, only the letters after the last dot matter. While this file may look like a word document, it is actually an executable.

Never run an executable file that you have downloaded unless you are 100% sure it is OK. As a side note, most email programs will block executable files for your protection.

Zip files add a layer of complexity but are fairly simple if you understand what it is. A zip file is basically a file that contains one or more other files.

Imagine you wanted to send 100 petrol receipts to your accountant. You can spend the time attaching 100 documents to your email, or you can combine them all into 1 zip file and email the zip file.

Given that most email programs will block executable files, a way around it is to put that dodgy executable within a zip file (because email programs don’t block zip files). When you open the zip, the executable with a virus is sitting there just waiting to be clicked on. If you get a zip file, make sure you treat the contents with caution.

In general, treat all attachments with great suspicion and scan them with your virus scanner before opening.

6) Context is important

Did you win the lottery without buying a ticket? Receive an inheritance from someone you never heard of? Obviously these are dodgy because there is no reason for you to benefit the way the email suggests.

If you are being asked to sign a tax return via docusign, but haven’t sent your info in yet – call your accountant. If you are being asked to pay a debt that you don’t think you have – call the provider.

Don’t let an email scare you into doing what it says. no reputable organisation will punish you for being careful with your inbox.