How to know if an email from SARS is safe or scam




Recently we have noticed emails that appear to have been sent from SARS, and that might look like legitimate SARS correspondence, but are not. These are unfortunately emails sent by scammers, who try to trick you into sharing personal information or downloading a virus.

Thankfully there are a few things you can look out for to ensure that you don’t fall victim to malicious intent from online criminals. If you get an email from SARS (or from any financial institution) that fulfils any of the below warning signs – rather click nothing, ignore all attachments, do not reply, just delete the email immediately.

  • Does the email contain any bizarre spelling mistakes, or strangely formatted images, like a wrongly sized logo?
  • Have you never heard of the person or organisation the email comes from, never dealt with them or acted on their website? Even if the email is from a friend, is the style of their email different from normal e.g. not greeting you, then suddenly using a one-liner with a web link?
  • Are they asking for personal details e.g. ID number, banking details, PIN etc?
  • Is the email attempting to shock you into acting e.g. telling you your computer security is vulnerable, your antivirus is broken, you have been hacked, or you have won a lot of money from an unknown relative? Never take any risky actions based on a shock email from a stranger. Always verify with an IT professional whether the threat is real before taking any action.
  • Is this email from an organisation that should know your name, but doesn’t use it in the email? Scammers who only have your email address will often use a generic template such as “Hi [email address]” to start an email, instead of “Hi [first name]” as you might expect from your bank.
  • Is the email asking or telling you to download something e.g. software or a free antivirus? Never download new software unless you have researched it yourself, or a human being you trust has recommended it to you in person.
  • Is the sender email address something bizarre and not related to the contents of the email? Have a look at the domain part of the sender email address (the part after the @ sign). Is this domain representing a website that you know and trust, and that matches the email contents? Is the domain spelled exactly the same as what you expect? Sometimes scammers send email from similarly spelled domain names e.g. 5ARS.gov instead of SARS.gov.
  • Are there any attachments and are these attachments corrupted or blocked by your antivirus software? Don’t open them. In fact, if there is an attachment on the email which is unexpected or not even mentioned in the email text, ignore it completely.
  • Does the email ask you to open external attachments by clicking on a link e.g. One Drive, Google Drive etc? SARS will never use an external cloud provider to send you attachments.
  • Does it have any weird outbound links which do not relate to the supposed email sender? If the email came from SARS, all the links in the email should point to the SARS website only and not a different organisation. In some email software packages you can hover over outbound links to see where they lead without clicking on them.

In closing, it is very easy for scammers to incorporate the logos and branding of companies that you trust into their scam emails and send email from company addresses that you know. Please try to apply common sense and a cautious approach when reading any email which is even slightly out of the ordinary. Stay safe!

Photo by Gary Chan on Unsplash



This entry was posted in TaxTim's Blog and tagged , . Bookmark the permalink.

10 most popular Q&A in this category




Do your Tax Return in 20 minutes or less!

TaxTim will help you:

 Do Your Tax Return Easily
 Avoid penalties
 Maximise your refund

Tim uses your answers to complete your income tax return instantly and professionally, with everything filled in in the right place.

Let Tim submit your tax return direct to SARS in just a few clicks!

Get started

Blog Categories


Ask TaxTim

Got a question you want answered about tax?

Visit our helpdesk →

Get SARS Tax Deadlines in your Inbox
We'll tell you when you need to file, along with tax tips and updates.