Stimulus Checks: A New Theme for Phishing
The US Treasury Inspector General for Tax Administration, the Internal Revenue Service (IRS) together with the Attorney's Office are seeking help to halt e-mail scams that are targeting taxpayers and using the economic stimulus check payments as a phishing bait, says a press release from the IRS and the Department of Justice, as reported by The Tribune on May 8, 2008.
Cyber criminals are sending phishing e-mails that seem to be come from the IRS, and ask for financial and personal information. The messages seem to be legitimate as they bear the official logo of the IRS, and discuss audit notices, tax refund, economic stimulus and treasury checks payments.
The Federal Bureau of Investigation has also alerted consumers about the spam mail recently reported. The message suggests the recipient to choose the direct deposit mode, as it is the easiest and fastest way to get one's tax refund.
The e-mail also carries a link leading to a fake form, which asks the recipient to fill in his identifiable information for e.g. bank account details. To appear convincing, the message warns that if the form is not completed, it would delay the tax refund check in getting issued.
But it is confusing how the messages appear absolutely flawless with the logos looking exactly alike the symbols of the monetary institutions they feign to represent. Further, scammers and phishers don't dispatch "official" notifications in broken English unlike previously, when it was easier to distinguish a fraudulent message from a legitimate one.
The spoofed e-mails are arriving from various countries worldwide. A number of variations in the topic of the IRS and phishing involve tax refunds, probes, surveys and currently stimulus payment. Con artists are sharpening their skills, making their stories appear more plausible. Therefore, agencies warn that everyone likely to be affected must exercise caution to thwart the criminals' ploys.
The IRS insisted that it doesn't send an e-mail asking for citizens' personal information for issuing any payment. Meanwhile, the IRS and FBI have suggested taxpayers to resist replying to the e-mails. Also, users receiving a suspicious e-mail are urged to forward it to firstname.lastname@example.org for the IRS to investigate.
» SPAMfighter News - 14-05-2008