Phishers preying on tax payers

Hit Counter
Since 12-12-05


Scammers have discovered a loophole in the IRS website that allows creating of an almost undetectable replica of the real thing. In fact, temporarily you are directed to the real website, but not for long. The IRS has been urging the use of their online tax submission forms but now it could be putting tax payers at risk of fraud. Read more about what to look for and how to avoid this scam here.

Phishers trying to reel in taxpayers

E-mails urge recipients to access bogus site for tax refund
By Daniel Sieberg

Wednesday, November 30, 2005; Posted: 8:27 p.m. EST (01:27 GMT)

(CNN) -- A British Internet-security firm is warning people to not get hooked by an e-mail scam promising tax refunds from the U.S. Internal Revenue Service.

The e-mails, known as a "phishing" scam in technology speak, exploit a loophole allegedly built into the real IRS Web site, according to the firm, but instead of getting money back from the government, those biting on the scam could be giving away the contents of their bank accounts.

The messages, which started earlier this week, say that the recipient has only 12 days to claim a $572 tax refund and that the necessary forms can be accessed on the IRS Web site. It slyly states that refunds are often overlooked for a variety of reasons and encourages people to access the forms immediately.

Phishing scams have been around for years and their success usually hinges on the perceived legitimacy of the e-mails, which often include official logos and language. Typically, they ask for personal information like Social Security or bank account numbers.

Recent media stories have warned people not to be baited into phishing scams that include links within an e-mail message, but this time, the phishers tell the recipients that the link can be cut and pasted into a browser.

Making the scam even more effective is that the address appears legitimate -- an extension of the www.govbenefits.gov  site -- but the site is bogus.

It appears real because the phishers have found a flaw in the design of the IRS Web site, one that allows them to "bounce" people to the fake site, according to Sophos, a company that tracks malicious Internet programs.

"The phishers are taking advantage of an apparent security configuration error on the real U.S. government Web site, which is allowing them to redirect visitors to a bogus Web site," says a Sophos news release.

The IRS is contesting this claim, saying its site is completely secure. "Any Web vulnerabilities exploited by this scam are not caused by the IRS site," said an e-mail from an IRS representative, who added that no changes have been made to the site as a result of this scam.

In a written statement, the IRS reminded taxpayers that it doesn't send unsolicited e-mails, it will never ask for personal or financial information via e-mail and there is no special form to obtain tax refunds.

The fake Web site has been taken down, but it easily could be resurrected at any time, said Graham Cluley, a Sophos senior technology consultant. He added that the number of IRS phishing e-mails is relatively low right now and he doesn't know where they originated.

In its statement, the IRS asked taxpayers curious about their account -- including any potential refunds -- to call 1-800-829-1040.