Saturday, February 02, 2008

The IRS must be a great lure to go phishing and vishing with!

It should be no surprise that scam artists, fraudsters and other internet misfits are trying to cash in on the economic stimulus package being proposed by the powers that be in Washington.

The odd thing is the come-on, a tax rebate, hasn't even been approved yet.

The most accurate information I could find on this latest trend was from the IRS, who is being impersonated once again. They've gained considerable experience with this type of scam recently with their name being used (frequently) as a fake "badge of authority" (lure) to trick people into becoming an identity theft statistic.

From the IRS site (published on January 30th):

The Internal Revenue Service today warned taxpayers to beware of several current e-mail and telephone scams that use the IRS name as a lure. The IRS expects such scams to continue through the end of tax return filing season and beyond.

The IRS cautioned taxpayers to be on the lookout for scams involving proposed advance payment checks. Although the government has not yet enacted an economic stimulus package in which the IRS would provide advance payments, known informally as rebates to many Americans, a scam which uses the proposed rebates as bait has already cropped up.

The goal of the scams is to trick people into revealing personal and financial information, such as Social Security, bank account or credit card numbers, which the scammers can use to commit identity theft.
The bottom line is that the IRS is not going to send you an e-mail, or call you on the telephone asking for personal information.

Trust me, they already have it if you are due to receive money from them!

Variations of the recent scams include a tax rebate phone call, refund spam e-mail, audit e-mail (besides money, fear is a common lure), changes to tax law e-mail, and a telephone scam claiming the IRS has sent a paper check and needs to verify your banking information.

As for the e-mails, they sometimes contain links that load malicious software (designed to steal more information). Although not mentioned in the IRS release, a new phenomenon called "drive by pharming" was recently seen in the wild (on the Internet).

Here is what I wrote about "drive by pharming" in a previous post:

"Pharming (pronounced farming) is a Hacker's attack aiming to redirect a website's traffic to another, bogus website. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software," according to Wikipedia.
Spam e-mail is becoming more dangerous all the time. Most of these lead to fake websites, or blogs that can download malware on a system by merely visiting them.

As for the surge in using the telephone to scam information, often referred to as vishing, VoIP technology (super cheap long distance) has made this easy to do. From what I hear, a lot of it is being done across international borders, which also makes prosecution difficult.

The IRS release warns that the caller might sound foreign. This is a good tip, but with call centers being outsourced all over the world, it's becoming pretty common to speak to someone on the telephone with an accent.

The safest bet is to give out no personal information to anyone, no matter how official they might seem when they solicit it via telephone, or over the Internet.

The press release does offer resources to report any suspected scams. Please note that paragraph one is an extremely good tip!

Anyone wishing to access the IRS Web site should initiate contact by typing the address into their Internet address window, rather than clicking on a link in an e-mail or opening an attachment.

Those who have received a questionable e-mail claiming to come from the IRS may forward it to a mailbox the IRS has established to receive such e-mails, using instructions contained in an article titled “How to Protect Yourself from Suspicious E-Mails or Phishing Schemes.” Following the instructions will help the IRS track the suspicious e-mail to its origins and shut down the scam. Find the article by visiting and entering the words “suspicious e-mails” into the search box in the upper right corner of the front page.

I know a lot of us simply hit delete when we see this stuff, but if it didn't work, the phishermen wouldn't keep doing it. We should all consider reporting it an "act of kindness" towards those who might fall for this.

The people at the IRS fighting this could certainly use the HELP! It might eventually lead to the people behind this being held accountable.

Those who have received a questionable telephone call that claims to come from the IRS may also use the mailbox to notify the IRS of the scam.
IRS release, here.

Previous posts about the IRS being used as a lure from this blog, here.


Anonymous said...

That's a very interesting article and well worth the read.
It's amazing how popular the IRS scam is with several different variations they use.

Anonymous said...

To protect yourself against these kinds of things, just take a second to question emails and phone calls. Even if the email is from someone you know, ask yourself if it makes sense. Does that person normally send you this type of email? Is this something they would call you about instead? Just try and get in the habit of practicing good security practices all the time. Make sure your company has extensive security practices including vulnerability assessments and employee training.