On 5 Mar 2025 23:28:49 GMT, Gordon <
[email protected]> wrote:
https://www.rnz.co.nz/news/national/543920/inland-revenue-will-continue-calls-causing-fears-over-scammers
If you want to keep a high level of security up both sides have to "play by >the rules".
Scams have involved the IRD and they have made an effort to educate the >public not to engage with cold calls or e-mails looking as if the are from >the IRD.
They even have
https://www.ird.govt.nz/managing-my-tax/scams
So how do you think the average person is going to respond when the phone >rings and there is talk about you changing your password.
Why does the IRD web site on the front page Say Please upgrade to 2FA. Along >with the reasons and how to do it. Then at least people could do it.
Going to MyIR one can send a secure message to the IRD and vica verca. This >is the system they have introduced, similar to other places where high >security is needed.
If the customer only visits the myIR arounf tax return time then contact the >customer and say Message in myIR, please log in and read.
The IRD should never cold-call anyone. If I received a call from
someone purporting to be from the IRD I would automatically hang up.
Looking at the cited article it seems that the IRD will now text
first, then call. This is also flawed - if the called party has not
read the text they are non-the-wiser.
The IRD should email each user, telling them there is an important
issue that requires their attention by logging on to MYIR (no link in
the email). When anyone logs on to the MYIR website that does not
have 2FA set up, warn them when they next log on.
--
Crash McBash
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)