News

Another Phishing Scam Spoofs IRS

A new scam to steal personal and financial information through a combination of e-mail and phone calls surfaced last week, masquerading as an urgent message from the IRS about a tax refund.

Vishing, or voice phishing, "is still a new technique," said Sam Masiello, director of threat management at MX Logic. "But it's becoming more prevalent," because it offers scammers a way to get around blacklists used to block traffic to malicious Web sites. Instead of including a link to a Web site in the fraudulent e-mail, recipients are asked to call a phone number and are then asked for credit card information.

Another advantage for criminals of vishing is that people who might be wary of Web links might trust a phone number.

The latest scheme is just the latest in a series of tax-season frauds that have appeared in the last few years, usually during the run-up to the April 15 deadline for filing personal tax returns.

Although the number of e-mails being sent out is relatively small, "we are seeing an increase in the level of aggression in the IRS scams this year," Masiello said.

The subject line in the most recent scam is "Internal Revenue Service Tax Refund," and the body of the message informs the recipient that there is a $215 refund awaiting them, with an expiration data to add a sense of urgency. The message also says, "Attention! Tax refunds can be sent only to VISA or Mastercard DEBIT CARDS." Recipients are urged to call a telephone number with a 602 Arizona area code to provide the needed financial information.

Needless to say, the IRS does not contact people by e-mail and do not need credit or debit account information to provide refunds. IRS and Treasury Department scams are expected to continue this year well past the usual tax season because of rebates being issued as part of the economic recovery program. Keep an eye on your inbox for bogus e-mails that are expected to begin appearing probably next month.

"We see that as another topic of scams," Masiello said. "We don't know what they are going to be exactly, but we do expect to see them."

About the Author

William Jackson is the senior writer for Government Computer News (GCN.com).

Featured

  • Office 365 Attack Simulator Now Supports Attachments

    The Attack Simulator in Office 365 tool has been updated and now has the ability to include message attachments in targeted campaigns, according to a Friday Microsoft announcement.

  • How To Disable Touch Input in Windows 10

    When the touchscreen on your Windows 10 laptop goes bad, there's no reason to throw that baby out with the bath water.

  • Microsoft Previews Windows VM Authentications via Azure Active Directory

    Microsoft on Thursday announced a preview of remote authentications into Windows-based Azure virtual machines (VMs) using Azure AD credentials.

  • Windows Server 20H1 Getting Smaller Containers and Faster PowerShell

    Microsoft is promising to deliver a smaller container size and improved PowerShell performance with its next release of Windows Server.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.