Insights

Fraudsters Send Emails in the Name of the Bundeszentralamt für Steuern

Press release of the BZSt: Emails are currently in circulation that misuse the name of the Bundeszentralamt für Steuern (BZSt) to distribute malware. The emails are sent from the address "bzst.bund@munich.com" with

1 min read

Press release of the BZSt: Emails are currently in circulation that misuse the name of the Bundeszentralamt für Steuern (BZSt, German Federal Central Tax Office) to distribute malware. The emails are sent from the address "bzst.bund@munich.com" with the subject line "Rückerstattung/ refund" and contain the following text:

"Steuererstattung ist abgeschlossen, befestigt ist eine Kopie des Schlup. (tax refund completed, attached is a copy of the slip)."

The message includes an attachment named "Steuerbescheid.pdf.rar". This rar file contains a file called "k-12.exe" (see screenshots below). The file is presumed to contain malware. We therefore urgently ask you to:

Do not open these emails under any circumstances

Do not open any attachments

Delete these emails immediately

Notifications about tax refunds are not sent by email. Furthermore, the BZSt is not responsible for refunding overpaid taxes; this is handled by the relevant local Finanzamt (tax office). Note: Further information is available on the BZSt website.

Steffen Akademie is certified in writing for websites, social media and search engines

© Steffen & Partner Gruppe

Frequently asked questions

Frequently asked questions

  • Does the Bundeszentralamt für Steuern send notifications about tax refunds by email?

    No, the BZSt does not send notifications about tax refunds by email. In addition, the BZSt is not responsible for refunding overpaid taxes; this falls under the jurisdiction of the relevant Finanzamt. Emails claiming to be refund notifications on behalf of the BZSt are therefore always fraudulent.

    Permalink to question

  • How can you identify the fraudulent email pretending to be from the BZSt?

    The emails are sent from the address "bzst.bund@munich.com" and have the subject line "Rückerstattung/ refund". The text announces a completed tax refund, and the attachment is a file named "Steuerbescheid.pdf.rar" containing an executable file "k-12.exe". This is presumed to be malware.

    Permalink to question

  • How should you handle suspicious emails sent in the name of the BZSt?

    Such emails should never be opened, nor should their attachments. We recommend deleting the message immediately. Executable files (.exe) or packed archives (.rar) in connection with alleged tax assessments are a clear warning sign.

    Permalink to question

  • Which authority is actually responsible for tax refunds?

    Refunds of overpaid taxes are handled by the locally competent Finanzamt (tax office), not by the Bundeszentralamt für Steuern (Federal Central Tax Office). Communication takes place by postal mail through official tax assessment notices, not via email.

    Permalink to question

Back to overview