Phishing Scam Masquerades as IRS, Attacks Businessmen
Specialists from Sophos the security company have warned of fake e-mails posing as messages from IRS (Internal Revenue Service) that presently circulating online, are actually aiming at innocent business-owners.
Displaying captions like "IRS notification of your tax appeal status," "Your tax return appeal is declined," or "Rejection of your tax appeal," the phony e-mails tell the recipient (businessman) that he's being informed about his Income Tax (IT) Refund Appeal id#6636527, which the IRS has "DECLINED." But, in case the recipient thinks there has been some misunderstanding of the actual issues and the IRS didn't correctly evaluate his case then he must provide some extra details. Moreover, to read about the rejection particulars and for submitting his appeal again, the user must open a given attachment and follow the instructions provided inside it, the e-mails add.
The messages then sign off from the tax office namely Internal Revenue Service.
However, the attachment that's mentioned, in fact, is one malevolent HTML file that Sophos detected as Mal/Iframe-AE.
Meanwhile, the security company's Senior Technology Consultant Graham Cluley, while remarking about the new phishing scam, stated that it certainly wasn't unknown to have cyber-criminals sending bulk spam mails pretending to be communications from the tax agency. However, since such spam incidences continuously occurred, they indicated the success of the technique designed for tricking innocent people into contracting malware, he added. Nakedsecurity.sophos.com published this on March 22, 2012.
Worryingly, according to the security specialists from Sophos, it's because of the above kinds of malevolent e-mails which have resulted in an increase in malicious programs online.
Hence, for remaining safe from such malevolent electronic mails, both IRS and security specialists outline a few easy security tips. These are: not answering or viewing any attachment since the latter could have malware capable of contaminating the users' PCs like within the aforementioned instance. Also, in case anyone gets such an e-mail he must send that message, including its header information at email@example.com of the Internal Revenue Service followed with erasing it from his mailbox.
Additionally users, in general, must ensure their anti-virus software is updated as well as their wisdom alert.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 31-03-2012