Fake IRS E-Mail Scam Goes Phishing - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
11/30/2005
03:08 PM
50%
50%

Fake IRS E-Mail Scam Goes Phishing

Users are now being targeted with a new phishing attack posing as a tax refund from the Internal Revenue Service.

"This is more advanced than the typical phish, because the link really does, at first, take you to the real benefit site. The phishers didn't need to hack into or compromise the government site to do this, the Web site has simply had this vulnerability on it all along," added Cluley.

It's also a new tactic for phishers. "This is new, and tremendously opportunistic," said Cluley. "The problem is that it's less likely to ring alarm bells in users' heads."

IRS spokesperson Michelle Lamishaw said that the site in question was not run by the agency, and that the IRS.gov site was safe to visit. "Our site is secure and there is no bounce," she said. "GovBenefits.gov is not an IRS.gov site."

"The IRS does not send out unsolicited e-mails," said Lamishaw. "It certainly does not send unsolicited e-mails asking for personal informational." If in doubt, consumers should contact the IRS by telephone at 800-829-1040 to determine whether the agency is trying to contact them about a tax refund.

The IRS issued a consumer alert Wednesday about the scam, and noted that this isn't the first online fraud attack the IRS has weathered. Over the years, the IRS has publicized several schemes, including abusive tax avoidance transactions, identity theft, and claims for slavery reparations.

As of mid-day Wednesday, the GovBenefits.gov site was still improperly redirecting phishing victims to the criminal site. Representatives from the GovBenefits.gov site did not respond to TechWeb's request for comment.

"This is a warning to every business and agency that runs a Web site to be very careful that it cannot be abused to bounce surfers elsewhere," added Cluley.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Slideshows
10 Ways to Transition Traditional IT Talent to Cloud Talent
Lisa Morgan, Freelance Writer,  11/23/2020
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Commentary
Can Low Code Measure Up to Tomorrow's Programming Demands?
Joao-Pierre S. Ruth, Senior Writer,  11/16/2020
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll