Tax Scams Started Circulating Again
The EFTPS scam that was making the round last fall has again gained momentum. However, this time the e-mail has been changed a little bit to make it more authentic, as reported by HELP NET SECURITY on June 23, 2011.
The subject line says, "Your federal tax payment was rejected." The security experts opined that, it is quite natural for even the most careful user to click on anything in sight as they urgently want to solve the disturbing news.
The e-mails use "irv.gov" addresses with forged employee names in the "from" field. The image is installed from the IRS website. The neat attachment of "self-extracting archive" is mentioned next to the file name- reportedly to pacify the users' fears, who are careful of opening executable files.
The source of the e-mail varies from a Russian, Ukraine, and Dutch e-mail accounts, not the IRS, despite the address claiming to be from "irs.gov." The e-mail carries a link, which can be downloaded as a pdf. The link, probably, has a virus that can hit users' computer or direct to a fake form or website posing as an authentic IRS form or website for stealing the identity or otherwise using users' financial details.
As per Commtouch Labs, there are some clues that this is a scam. Firstly, the e-mail was sent to many people. An agency, like the IRS would not do that anyhow, for security reasons, as everyone's e-mail addresses are visible. Secondly, the IRS never uses e-mail to contact taxpayers about problems.
The most recent scam seems to hit private tax accounts. The objective is to gather private and financial details used by the hackers to commit ID thefts. These kind of information can be used for stealing bank accounts, running up charges on the credit cards, apply for loans, and file fake tax returns in the name of taxpayer seeking a refund.
However, the IRS records a list of schemes, which includes phishing efforts associated with the Making Work Pay Credit, on its website. User can contact the IRS at 800-829-1040 and can forward any suspected scam e-mails to the IRS at email@example.com.
Related article: TCU Graduate Seeks Professional Help to Invade University Network
» SPAMfighter News - 04-07-2011