Security Architecture, Application security, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Incident Response, TDR, Threat Management, Threat Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

IRS spam rockets as tax deadline nears

Scammers are increasingly taking advantage of next month's income tax deadline by distributing phishing emails seeking end-users' personal information.

Researchers at anti-virus vendor Secure Computing reported last week that they saw more incidents of Internal Revenue Service and tax-related email scams during January than the entire first half of 2007 – a year-over-year spike of 3,000 percent.

The massive increase is partially due to the proliferation of do-it-yourself (DIY) phishing kits, malware and suspicious scripts associated with tax-related websites, according to Secure Computing.

“I think a lot of it has to do with DIY phishing kits that are much more readily available, and how much easier it is to infect websites to get people to come to your server,” said Paula Greve, director of web security research at the San Jose, Calif.-based vendor of enterprise gateway security solutions. “It's becoming much easier and there's a huge financial incentive. A lot of people are interested in instant gratification and they're willing to pursue these other options [for a quicker refund].”

IRS phishing scams appear yearly as millions of Americans prepare to file their tax returns before the April 15 deadline. Last summer, the traditional IRS phishing email took on a different twist when phishers specifically targeted corporate executives.

Researchers at MessageLabs, an email and instant messaging security vendor, disclosed this week that the January volume of IRS-related spam was 10 times its normal level, while tax-specific malware increased by six percent.

The New York-based vendor reported that captured phishing samples linked to numerous phishing pages. However, if the end-user completed a form requesting personal and financial information, they were re-directed to the authentic IRS page, according to analysts.

Matt Sergeant, senior anti-spam technologist at MessageLabs, told today that his company is seeing a high volume of IRS spam because of the wide distribution of botnets.

“I think the major thing [this year] is volume – there's much more this year than the previous year,” he said, describing a 100 percent increase. “It's probably because of the power of the botnets that [spammers] have access to now. The low, cheap prices and the spamming economy let them buy access to botnets at a very low price.”

Late last year, researchers warned email users about phishing messages targeting corporate executives disguised as notifications from the U.S. Treasury Department.

McAfee Avert Labs expert Vinoo Thomas said this month that his firm has captured scams purporting to offer a $375 refund to email users who disclose their personal information and financial details, such as ATM pin numbers.

The phish's corresponding website, first seen by McAfee on Jan. 28, was hosted on a legitimate U.S.-based site without the owner's knowledge, according to the Santa Clara, Calif.-based company.

The IRS, which has dedicated a section of its website to phishing and email scams, warned taxpayers last month to beware of sham emails offering advance payment checks from the federal government.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.