Incident Response, TDR

Phishing campaign lures victims with offer of IRS refund

While most people would relish getting money back from the IRS, recent emails notifying users of IRS refunds are part of a phishing ruse which uses texts that mimics a campaign from 2006, according to blog post by researchers at PhishMe.

If a user clicks on a link in the email, they're asked to fill out a form that includes a request for credit/debit card information. Once they submit the form they receive an error message that the page didn't work. PhishMe notes that the attack is classic phishing, but it is most certainly a clumsy attempt complete with misspelled words and a data field that lets the victim specify the amount of the refund.

The text and format mirror a previous campaign found archived on an IRS phishing webpage. The email originated in Tel Aviv, the blog post said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.