Despite the fact that I am a Canadian it seems the U.S. Government, by way of the Internal Revenue Service, wants to give me money for the second time in just a few months.
Back in February of this year, I received an email indicating I could expect a tax refund of $873.20, and just in the last few days I received an IRS Tax Notification email informing me that an additional $184.80 was mine if I just clicked on the enclosed email link.
Unfortunately, since I am a Canadian I will not be getting a refund from the IRS, but the cyber-criminals responsible for this email were hopeful that I would click on the enclosed link.
Clicking on the link would have redirected me to a spoof IRS page, comparable to the original site, and I would then have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide. Information requested on the spoof IRS page includes; social security number, credit card and debit card numbers, postal address, and date of birth.
The financial and personal details entered are harvested by cyber-crooks who would then have used this information to commit identity and financial theft.
The reality is of course, the IRS doesn’t send out unsolicited emails asking for personal or financial information. Credit card numbers, ATM PIN numbers and additional financial information would never be required to enable you to find out the current status of your tax return, or your tax refund.
According to the IRS there are over 1600 IRS phishing sites operating, or online, at any given time in search of potential victims willing to hand over sensitive financial data. It’s easy to see that the emails I received are not isolated incidents. The IRS goes on to say that by their estimates, 1% of all spam email is an IRS phishing scam.
What makes this particular type of scam so potent is, the average person on receiving an email from an authoritative source, generally lowers their defenses. As well, giving the time of year, the timing is right. Be warned, IRS scam emails always ramp up before tax day and continue for some time afterwards.
You know what to do right? Follow the tips below to protect yourself against these threats:
- Your bank, the IRS, or any other legitimate organization will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.
- Don’t open emails that come from un-trusted sources.
- Don’t run files that you receive via email without making sure of their origin.
- Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an un-trusted source, simply ignore them.
- Keep your computer protected. Install a security solution and keep it up-to-date. Also, before carrying out any kind of financial transaction on the Web, I recommend that you scan your computer with a second-opinion security solution, such as NanoScan at www.nanoscan.com.
Be kind to your friends, relatives and associates and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.
To help you fight back, the following information has been taken from the official IRS web site and provides instructions on how to assist the IRS in shutting down these schemes.
The good news is that you can help shut down these schemes and prevent others from being victimized. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, firstname.lastname@example.org.
Follow instructions in the link below for sending the bogus e-mail to ensure that it retains critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails you send to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to you.
IRS reporting site: email@example.com