News

Another Phishing Scam Spoofs IRS

A new scam to steal personal and financial information through a combination of e-mail and phone calls surfaced last week, masquerading as an urgent message from the IRS about a tax refund.

Vishing, or voice phishing, "is still a new technique," said Sam Masiello, director of threat management at MX Logic. "But it's becoming more prevalent," because it offers scammers a way to get around blacklists used to block traffic to malicious Web sites. Instead of including a link to a Web site in the fraudulent e-mail, recipients are asked to call a phone number and are then asked for credit card information.

Another advantage for criminals of vishing is that people who might be wary of Web links might trust a phone number.

The latest scheme is just the latest in a series of tax-season frauds that have appeared in the last few years, usually during the run-up to the April 15 deadline for filing personal tax returns.

Although the number of e-mails being sent out is relatively small, "we are seeing an increase in the level of aggression in the IRS scams this year," Masiello said.

The subject line in the most recent scam is "Internal Revenue Service Tax Refund," and the body of the message informs the recipient that there is a $215 refund awaiting them, with an expiration data to add a sense of urgency. The message also says, "Attention! Tax refunds can be sent only to VISA or Mastercard DEBIT CARDS." Recipients are urged to call a telephone number with a 602 Arizona area code to provide the needed financial information.

Needless to say, the IRS does not contact people by e-mail and do not need credit or debit account information to provide refunds. IRS and Treasury Department scams are expected to continue this year well past the usual tax season because of rebates being issued as part of the economic recovery program. Keep an eye on your inbox for bogus e-mails that are expected to begin appearing probably next month.

"We see that as another topic of scams," Masiello said. "We don't know what they are going to be exactly, but we do expect to see them."

About the Author

William Jackson is the senior writer for Government Computer News (GCN.com).

Featured

  • RAMBleed Side-Channel Attack Method Disclosed by Researchers

    Academic researchers this week published information about another side-channel attack method, called "RAMBleed," that can expose information from memory chips, including encryption key information.

  • Penguin

    Windows 10 Preview Build 18917 Shows Off New Linux Integration

    Microsoft's latest Windows 10 "fast-ring" preview release is showcasing a coming Delivery Optimization enhancement, along with the ability to try the newly emerged Windows Subsystem for Linux version 2.

  • Customizing Microsoft Office 365

    While the overall look and feel of Office 365 is pretty standard across organizations, there are several ways to personalize it and make it fit better with your company's specific needs.

  • Microsoft 365 Business Tenants Getting Conditional Access and Trouble-Ticket Features

    Microsoft added its conditional access security service to Microsoft 365 Business subscriptions, according to a Wednesday announcement, and it also added new trouble-ticket features for Microsoft 365 administrators.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.