IRS Used as phishers’ Popular brand
Security officials at the IRS (Internal Revenue Service), the tax-collecting agency in the US, warned on February 20, 2008 at the Washington hosted Black Hat DC Conference that fraudsters were increasingly aiming at taxpayers with phishing attacks in the form of IRS messages.
Andrew Fried, special federal agent, Treasury Inspector General for Tax Administration, said that there has been an increase in phishing activity by more than 12 times over 2007 and all phishing scams exploited the IRS name. However, the agency had to tackle with one phishing site each for 2003 and 2004, as reported by GCN on February 20, 2008.
Fried also said that the IRS has shut down over 1,630 phishing sites so far, out of which 1% of the total fraudulent e-mails tried to use the name of IRS to steal account credentials or private information from consumers. Since, the first appearance of bogus IRS phishing sites that tried to entice greedy or unwary taxpayers in 2003, its number has steadily increased.
Moreover, IRS security experts estimate that nearly one in 300 computers has malware infection and they could be used for launching the phishing attacks. But, Fried thinks the number could be more, around one in a count of 25 PCs or even one in a group of 10.
The problem can be grim because home users are totally unfamiliar with how to keep their computers secured. The IRS estimates that between 4% to 10% of home computers have infections either of a virus or Trojan. Also, people readily or inadvertently share their private information about income tax returns on file-sharing peer-to-peer networks.
Fried also said that often anti-virus vendors failed to detect malware in e-mails that perpetrated to be come from the IRS. In one recent scam, e-mail carrying a sinister code pretended to be a complaint lodged with the IRS but no anti-virus program could detect it.
Apart from phishing attacks that masquerade as e-mails from the IRS, scams like the Nigerian money scheme have started. In these, the scammers ask the taxpayers to make a fee payment in an Internet account as processing amount to receive a tax refund.
Related article: IRS Cautions Taxpayers of Recent Email Scam
» SPAMfighter News - 27-02-2008