Yesterday a lot of Danes received an e-mail apparently coming from the tax authorities but was a phishing attempt.
The form to be filled may seem professional at first glance, but it actually had errors all over.
While such errors may be common in phishing as the ones behind only need a fraction of the receivers to take the bite, you actually do see many of the errors in lawful activities.
Some of the errors in the phishing attempt were:
- It is very unlikely that the public sector would communicate in English instead of Danish
- They got our national ID for every citizen right; it is called CPR-NR. But why ask for date of birth as this is included in the national ID.
- Asking for “Mother Maiden Name” and “The name of your son” seems ridiculous to me. Don’t know if it’s some kind of custom anywhere else in the world.
- The address format is (as usual) a United States standard. Here it would be: Address, Postal Code, Town/City.
- You would never expect the public sector to pay anything to your credit/debit card. Our national ID is connected to a bank account selected for that purpose.
As the tax authorities stated in a warning e-mail today: “We do not know of anyone who has been cheated by the mail”.
I guess they are right.
Also, if you are doing lawful activities but committing the same kind of diversity errors in your forms: Don’t expect a whole lot of conversion.