MSMVPS.COM

The Ultimate Destination for Blogs by Current and Former Microsoft Most Valuable Professionals.
Welcome to MSMVPS.COM Sign in | Help
in Search
Home Blogs Media Groups

Harry Waldron - Microsoft MVP Blog

Security News and Best Practices for corporate and home users

New Phishing Scam - Uses upcoming IRS Stimulus Rebate to trick users

The most recent Government Computer newsletter is warning of a new well-designed IRS phishing scam. This attack appears to related to the upcoming IRS rebates that are part of the 2008 Government Stimulus Package. While the email looks official and the social engineering is well done, it is important to recognize that the IRS and banks do not use email as a method of contacting individuals. They usually will call or conduct official business by mail only. Please avoid these attacks, as entering your bank account information into the realistic but false website could mean real losses of money from these criminals. It could also take months to clean up activity after an individuals credit or bank account information has been compromised.

Phishing scam uses IRS rebate line to reel in victims
http://www.gcn.com/online/vol1_no1/46153-1.html
http://www.mxlogic.com/itsecurityblog/1/20...us-Payments.cfm
http://mxlogic.com/itsecurityblog/1/2008/0...shing-Twist.cfm

QUOTE: The tax filing season is past, the economic stimulus rebate season is upon us, and the phishers are changing their bait. The lure this time is the $600 rebate ($1,200 per household) that the Internal Revenue Service will begin sending to taxpayers in May and a supposed opportunity to speed up the process. E-mails purporting to be from the IRS are arriving in inboxes with instructions to recipients that if they visit the linked Web site and provide bank account and routing numbers their rebate can be deposited directly to the account more quickly. To add an element of urgency, the message includes a deadline — April 24 — for providing information, but that is likely to change.

Right on cue we are starting to see phishing scams with an economic stimulus payment flavor. As we discussed in one of the IRS phishing scam blog entries we predicted that as the economic stimulus payment distribution got closer (currently scheduled to begin May 2nd based on the last two digits of your Social Security Number) we would start to see more scams around these payments. We are starting to see some of the first iterations of those scams today.



EXAMPLE OF NEW PHISHING ATTACK:

TO: ***************
FROM: service@irs.gov
SUBJECT: 2008 Economic Stimulus Refund.

Over 130 million Americans will receive refunds as
part of President Bush program to jumpstart the economy.

Our records indicate that you are qualified to receive the
2008 Economic Stimulus Refund.

The fastest and easiest way to receive your refund is by
direct deposit to your checking/savings account.

Please click on the link and fill out the form and submit
before April 24th, 2008 to ensure that your refund will be
processed as soon as possible.

Submitting your form on April 24th, 2008 or later means that
your refund will be delayed due to the volume of requests we
anticipate for the Economic Stimulus Refund.

Only published comments... Apr 24 2008, 01:28 PM by harry

Leave a Comment

(required) 
(optional)
(required) 
Submit

This Blog

Syndication

Recent Posts

Archives

Personal Links


Copyright © is the original authors. Blog site is an independent site not sponsored by Microsoft. The Yoda blog server and the Brianna SQL server would like to thank www.ownwebnow.com and www.exchangedefender.com. They wouldn't be here and broadcasting without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems