After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $939.40. – Fraudulent IRS email
Now who wouldn’t be thrilled to receive an email informing them that U.S. Internal Revenue Service is going to play Santa Clause and give them $939.40? Well I wouldn’t object, and I suspect you wouldn’t either. Like you, I can think of a few places where this unexpected windfall could be put to good use.
Despite the fact that I am a Canadian, and I reside in Canada, it seems the U.S. Government is eager, and determined, to give me money for the third time in just a few months. Yes, this is the third such scam email I have received in just the last few months.
Since I am a Canadian I do not file U.S. income tax returns and I do not qualify for a refund from the IRS. Despite this, the cyber-criminals responsible for this fraudulent email were optimistic that I would click on the enclosed email link.
Clicking on the link would have redirected me to a spoof IRS page, comparable to the original site, and I would then have begun a process in which the scammers would have stripped me of all the confidential information I was willing to provide.
Information requested on the spoof IRS page includes; social security number, credit card and debit card numbers, postal address, and date of birth. The financial and personal details entered into this fraudulent web site are harvested by cyber-crooks who would have used this information to commit identity and financial theft.
The reality is of course, the IRS doesn’t send out unsolicited emails asking for personal or financial information. Credit card numbers, ATM PIN numbers and additional financial information would never be required to enable you to discover the current status of your tax return, or your tax refund.
According to the IRS there are over 1600 IRS phishing sites operating, or online, at any given time in search of potential victims willing to hand over sensitive financial data. It’s easy to see that the emails I received are not isolated incidents. The IRS confirms that by their estimates, 1% of all spam email is an IRS phishing scam.
What makes this particular type of scam so potent is, the average person on receiving an email from an authoritative source, generally lowers their defenses. As well, giving the time of year, the timing is right. Be warned, IRS scam emails always ramp up before tax day and continue for some time afterwards.
You know what to do right? Follow the tips below to protect yourself against these threats:
- Your bank, the IRS, or any other legitimate organization will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.
- Don’t open emails that come from un-trusted sources.
- Don’t run files that you receive via email without making sure of their origin.
- Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an un-trusted source, simply ignore them.
- Keep your computer protected. Install a security solution and keep it up-to-date. Also, before carrying out any kind of financial transaction on the Web, I recommend that you scan your computer with a second-opinion security solution, such as NanoScan.
Be kind to your friends, relatives, and associates and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.
To help you fight back, the following information has been taken from the official IRS web site and provides instructions on how to assist the IRS in shutting down these schemes.
The good news is that you can help shut down these schemes and prevent others from being victimized. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, firstname.lastname@example.org.
Follow instructions in the link below for sending the bogus e-mail to ensure that it retains critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails you send to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to you.