IRS phishing scam targets stimulus payments

Share this article:
IRS phishing scam targets stimulus payments
IRS phishing scam targets stimulus payments
As might be expected, email users are beginning to see the first stages of what is expected to be a major phishing attack capitalizing on the populace's eager expectation of IRS refund checks, as well as the Bush administration's economic stimulus payment distribution, scheduled to begin May 2.

Similar to other iterations of this scheme, this one also has an IRS logo at the top of the message copied directly from the IRS website, according to an entry on the MX Logic IT Security Blog.

Researchers at MX Logic report that samples they are seeing allege to be from "service@irs.gov" and have a subject line of "2008 Economic Stimulus Refund."

The phish content says something like: "Over 130 million Americans will receive refunds as part of President Bush's program to jumpstart the economy." Or, "Our records indicate that you are qualified to receive the 2008 Economic Stimulus Refund," or some variation along these lines.

But by clicking on the link, instead of a payoff, unwary computer users land on a prototypical phishing site, said MX Logic.

Once there, they are prompted to enter their bank routing number and checking account number with the promise that the rebate will be directly deposited into their checking account.

Sam Masiello, director of threat management at MX Logic, told SCMagazineUS.com today that his company expected to see these sorts of scams emerge at this time after last month's deluge of phishing spam in advance of the April 15 tax deadline.

The $168 billion expected to be dispersed via this economic stimulus payment distribution is quite an incentive for cyberthieves preying on email users, says Masiello. He added that the tactic of establishing a sense of urgency to trick end-users may prove to be effective.

In fact, this reporter received two versions of this scheme today (see image) allegedly from "Internal Revenue Service (IRS) <admin@irs.gov>." Fortunately, clicking through on the link is denied by the corporate network protection here.

While there may not be a lot that consumers can do to block these phishing emails from coming into their inboxes, a page on the IRS website offers consumers a way to at least report the receipt of phishing scams. By doing this, the IRS said, it can "...use the information, URLs and links in the suspicious emails you forward to trace the hosting website and alert authorities to help shut down the fraudulent sites."

"This is largely an education issue," said Masiello. "End-users need to be alerted to the fact that the IRS will never communicate via email. The IRS does not know, nor does it care to know, your email address. Getting word out is key."

This is about the time that Masiello expected to start seeing these scams start coming out, and this certainly won't be the last of them, he said -- especially since the distribution of the stimulus payments is expected to last a couple of months.

And what's to come? Masiello warned that he expects there to be a follow-up to this current tax refund scam. "Be on the lookout for potential scams that try to get people to invest their tax refunds in fraudulent schemes."

Also, he said, other likely possibilities in the near future are the return of stock pump-and-dump scams and a blast advertising retail gift cards that promise extra bonuses.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

LEADS Act addresses gov't procedure for requesting data stored abroad

LEADS Act addresses gov't procedure for requesting data ...

Senators introduced the legislation last week as a means of amending the Electronic Communications Privacy Act (ECPA).

Report: Intrustion prevention systems made a comeback in 2013

Report: Intrustion prevention systems made a comeback in ...

A new report indicates that intrusion prevention systems grew 4.2 percent in 2013, with growth predicted to continue.

Mobile device security sacrificed for productivity, study says

Mobile device security sacrificed for productivity, study says

A Ponemon Institute study, sponsored by Raytheon, revealed that employees increasingly use mobile devices for work but cut corners and circumvent security.