As our favorite time of the year – tax season – approaches, everyone is looking to pay as little as possible. But if you aren’t careful, you’ll end up paying much, much more than you thought.
Cybercriminals see tax season as a time of opportunity. After all, there’s a whole nation of people who want to hear about returns and loopholes. Many cybercriminals send mass phishing emails containing fake information about tax returns or filing, then wait for people to bite. We’ve seen some of these scams before.
The IRS and CERT issue reminders about these scams. Be wary of links to outside websites, especially ones claiming to be filing services or informative sites, and remember that you should never disclose your personal information over email.
This morning we began receiving reports of phishing scams baited with information allegedly from the IRS about a problem with the recipient’s tax refund. As Michael Hickins of the Wall Street Journal pointed out in a March 2011 blog post,
It’s tax season, which means cyber-thieves are trawling the Web and sending counterfeit email in the hopes of snaring your personal tax data. And they’ve created websites with reasonable-seeming addresses and legitimate-seeming emails in order to lure unsuspecting citizens into clicking on the wrong link or downloading a virus-laden PDF.
Below is a sample phish that landed at UDel.edu this morning.
This is not a very convincing scam, with
- interesting grammar,
- an incomplete address and strange hours in the signature block,
- a link to a site in Germany for you to enter your information,
- email about “your” refund being sent to a mailing list,
- and so on.
One version of this scam claims the IRS is contacting you about your state tax refund.
But as we get deeper into tax season, be on the lookout for better forgeries claiming to be from the IRS. They all are trying to make you react to the shock of having a tax problem — “Oh, no! My refund has a problem!” [click] — without thinking it through.
As the IRS itself says,
The IRS does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.
Report Phishing, IRS Web page, 10/18/2012
If you receive a phishing message claiming to be from the IRS, you can report it to firstname.lastname@example.org — then delete the phishing message.
This morning, US-CERT (Computer Emergency Response Team) posted a warning at their Web site about IRS and tax phishing scams. It is that time of year!
As they point out in their warning,
These messages, which may appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code.
The US-CERT warning also includes links to many useful documents to help you recognize and avoid these and other phishing scams, including a link to a good article posted at the Wall Street Journal Web site last week: Cybercrooks digging for tax data.
This one was seen at UD on October 10. Key giveaways this is a phish?
- Like the IRS is really going to use a linkedin.com address for the “Reply-To” address.
- Hover your mouse over the “review page on irs.gov” text. Lo and behold, that’s not a link to a legitimate IRS Web page.
- The IRS does not initiate taxpayer communications through email. Don’t believe us? Then maybe you should check out the snopes.com page about this very scam. Scroll down to the bottom for information about reporting this kind of scam directly to the IRS.
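The first two giveaways above can be checked automatically by a mail filter or during triage. The following is an added example, not part of the original post: the sample message is constructed, `refund.example.net` is a placeholder host, and the function names and the two-label domain comparison are assumptions made for illustration.

```python
import email, re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not the phish seen at UD); hosts are placeholders.
SAMPLE = """\
From: "IRS Refunds" <refunds@irs.gov>
Reply-To: someone@linkedin.com
Subject: Problem with your tax refund
Content-Type: text/html; charset="utf-8"

<html><body><p>Please <a href="http://refund.example.net/form">review page on irs.gov</a>.</p></body></html>
"""
DOMAIN_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

def base(host):  # naive registrable domain: last two labels (assumption, no public-suffix list)
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkCollector(HTMLParser):
    # Collects (href, visible text) for every <a> element.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), ""
    def handle_data(self, data):
        self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def phish_indicators(raw):
    msg, findings = email.message_from_string(raw), []
    sender = parseaddr(msg.get("From", ""))[1]
    reply = parseaddr(msg.get("Reply-To", ""))[1]
    # Giveaway 1: replies go to a different domain than the claimed sender.
    if reply and base(reply.rpartition("@")[2]) != base(sender.rpartition("@")[2]):
        findings.append(("reply-to-mismatch", reply))
    for part in [p for p in msg.walk() if p.get_content_type() == "text/html"]:
        charset = part.get_content_charset() or "utf-8"
        collector = LinkCollector()
        collector.feed(part.get_payload(decode=True).decode(charset, "replace"))
        for href, text in collector.links:
            named = {base(d) for d in DOMAIN_RE.findall(text)}
            # Giveaway 2: the link text names a domain the href does not go to.
            if named and base(urlparse(href).hostname or "") not in named:
                findings.append(("link-text-mismatch", href))
    return findings
```

A From address can itself be forged, so an empty result means only that these two checks found nothing, not that the message is genuine.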