Wednesday, August 29, 2007

IRS name used to phish for ID theft victims, again!

Government agencies and trusted brands are often spoofed (impersonated) in phishing attempts, which are social engineering ploys to steal personal and financial information, and or download cybernasties (malware, crimeware) on your system. Please note the cybernasties normally steal information from your computer, also.

The information culled from you, or your computer is then used to make YOU an identity theft statistic.

In the past couple of years, spoofing the IRS has become an old story, but they keep on doing it.

Here are the most recent updates on IRS phishing scams:

Updated Aug. 24, 2007 — The Internal Revenue Service today warned taxpayers of a new phishing scam, in which an e-mail purporting to come from the IRS advises taxpayers they can receive $80 by filling out an online customer satisfaction survey. The IRS urges taxpayers to ignore this solicitation and not provide any requested information. The IRS does not initiate contact with taxpayers through e-mail.

Updated June 19, 2007 — In another recent scam, consumers have received a "Tax Avoidance Investigation" e-mail claiming to come from the IRS' "Fraud Department" in which the recipient is asked to complete an "investigation form," for which there is a link contained in the e-mail, because of possible fraud that the recipient committed. It is believed that clicking on the link may activate a Trojan Horse.

Full IRS press release on this matter, here.

Phishing isn't limited to impersonating the IRS, the APWG (Anti-Phishing Working Group) tracks this ever growing problem and offers advice on how to avoid getting hooked, here.

Previous posts about phishing attempts impersonating the IRS can be seen, here.

No comments: