Phishing Scam About Tax Refund Exploits ‘Stimulus Payments’
An e-mail informing tax refund entitlement could be actually aiming at theft of recipients' identity, warns security researchers at MX Logic. Taxpayers might be confused when they find a host of Websites containing the name of Internal Revenue Service or the IRS acronym with .net, .com, or .org suffix to the URL in place of the actual.gov.
Messages purporting to arrive from the IRS are entering consumers' inboxes, instructing recipients to click on a given link to a Website where if they provide their routing and bank account numbers, their rebate could be directly deposited into their account.
Like previous repetitions of this scam, the current one too uses an IRS logo in the message that has been copied from the IRS Website, says a posting on the IT Security Blog of MX Logic.
According to MX Logic researchers, the samples they have been examining appear to come from email@example.com with the subject title saying, "2008 Economic Stimulus Refund". Their message content allege that over 130 Million American taxpayers would receive rebates under a program by President Bush launched to stimulate the economy.
But, on clicking the link, rather than getting a payoff, unwitting computer users find a typical phishing site on their screen, said MX Logic. The site asks the users to provide their bank account and routing numbers assuring that the refund would be deposited straight into their account.
Sam Masiello, Director of Threat Management, MX Logic, said that his firm expected such scams during this time following last month's (March) surge of phishing e-mails ahead of the tax deadline of April 15, 2008, as reported by SCMagazine on April 24, 2008.
According to Masiello, the US federal government's scheme of disbursing $168 Billion via its payment distribution as an economic stimulus indeed encourages cyber criminals preying on users of e-mail. He argues that the social engineering trick of creating a feeling of urgency might work out effectively for the miscreants.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 28-04-2008