Phishing Site Purports to be from IRS
Phishers are once again exploiting the name of IRS (Internal Revenue Service) to launch a new scheme to send fraudulent e-mails to as many addresses as possible. The scam directs the recipients to a Website named "Get Your Tax Refund!" that falsely mimics the IRS site "Where's My Refund?" The site then asks for credit card and Social Security numbers.
Media contact of IRS for the state of Alaska, Judy Monahan, reiterated that IRS doesn't write and dispatch unsolicited e-mails and never asks for confidential financial information like account passwords or personal identification numbers. Peninsula Clarion reported this on October 4, 2007.
IRS and Monahan first came to know about the phishing scam on September 19, 2007 when complaints from consumers poured in. Whenever IRS receives such complaints, they forward them to the office of TIGTA or The Treasury Inspector General for Tax Administration, which determines the source of those e-mails and their senders.
In September, the phishing e-mail pretending to be one from IRS suggested that the recipient was entitled for a refund. On responding to the first e-mail, a second one followed carrying a threatening message.
IRS Media Relations spokesman Jesse Weller said those people who receive such dubious e-mails showing IRS signature shouldn't open the attachments or enter any link within the e-mail. Here, IRS advises users to forward those e-mails to firstname.lastname@example.org. MercuryNews reported this on October 8, 2007.
TIGTA's congressional media spokeswoman Bonnie Heald reported that approximately 32,337 complaints relating to the threat of September 19 came in from across the nation. Peninsula Clarion reported this on October 4, 2007. TIGTA has traced the phishing scams to 55 countries and recognized 338 different sites hosting the scams. However, there hasn't been any arrest so far.
Jesse Weller informed that IRS along with TIGTA work closely with US-CERT (Computer Emergency Readiness Team) and the different international CERT teams and ISPs to identify and shut down phishing sites as quickly as they get to know about their existence. Since 2006, IRS has got over 17,000 e-mails from consumers reporting 240 unique phishing incidents.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 30-10-2007