Fake IRS E-Mail Scam Goes Phishing - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
11/30/2005
03:08 PM
50%
50%

Fake IRS E-Mail Scam Goes Phishing

Users are now being targeted with a new phishing attack posing as a tax refund from the Internal Revenue Service.

"This is more advanced than the typical phish, because the link really does, at first, take you to the real benefit site. The phishers didn't need to hack into or compromise the government site to do this, the Web site has simply had this vulnerability on it all along," added Cluley.

It's also a new tactic for phishers. "This is new, and tremendously opportunistic," said Cluley. "The problem is that it's less likely to ring alarm bells in users' heads."

IRS spokesperson Michelle Lamishaw said that the site in question was not run by the agency, and that the IRS.gov site was safe to visit. "Our site is secure and there is no bounce," she said. "GovBenefits.gov is not an IRS.gov site."

"The IRS does not send out unsolicited e-mails," said Lamishaw. "It certainly does not send unsolicited e-mails asking for personal informational." If in doubt, consumers should contact the IRS by telephone at 800-829-1040 to determine whether the agency is trying to contact them about a tax refund.

The IRS issued a consumer alert Wednesday about the scam, and noted that this isn't the first online fraud attack the IRS has weathered. Over the years, the IRS has publicized several schemes, including abusive tax avoidance transactions, identity theft, and claims for slavery reparations.

As of mid-day Wednesday, the GovBenefits.gov site was still improperly redirecting phishing victims to the criminal site. Representatives from the GovBenefits.gov site did not respond to TechWeb's request for comment.

"This is a warning to every business and agency that runs a Web site to be very careful that it cannot be abused to bounce surfers elsewhere," added Cluley.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
Commentary
Is Cloud Migration a Path to Carbon Footprint Reduction?
Joao-Pierre S. Ruth, Senior Writer,  10/5/2020
News
IT Spending, Priorities, Projects: What's Ahead in 2021
Jessica Davis, Senior Editor, Enterprise Apps,  10/2/2020
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll