It's also a new tactic for phishers. "This is new, and tremendously opportunistic," said Cluley. "The problem is that it's less likely to ring alarm bells in users' heads."
IRS spokesperson Michelle Lamishaw said that the site in question was not run by the agency, and that the IRS.gov site was safe to visit. "Our site is secure and there is no bounce," she said. "GovBenefits.gov is not an IRS.gov site."
"The IRS does not send out unsolicited e-mails," said Lamishaw. "It certainly does not send unsolicited e-mails asking for personal informational." If in doubt, consumers should contact the IRS by telephone at 800-829-1040 to determine whether the agency is trying to contact them about a tax refund.
The IRS issued a consumer alert Wednesday about the scam, and noted that this isn't the first online fraud attack the IRS has weathered. Over the years, the IRS has publicized several schemes, including abusive tax avoidance transactions, identity theft, and claims for slavery reparations.
As of mid-day Wednesday, the GovBenefits.gov site was still improperly redirecting phishing victims to the criminal site. Representatives from the GovBenefits.gov site did not respond to TechWeb's request for comment.
"This is a warning to every business and agency that runs a Web site to be very careful that it cannot be abused to bounce surfers elsewhere," added Cluley.