Sat, July 26, 2008
Beware of phony e-mails claiming to be from the IRS
Well, it seems late in the year for this, but today I received the first phony IRS e-mail of the season. The message appears to be a "phishing" scam in which I'm suppose to click on a fake IRS link provided in the message. Clicking the link would take you to an official-looking site that would collect confidential information - most likely, the thieves are looking for Social Security numbers. The IRS has noted a number of e-mail and telephone scams involving IRS impersonators; the stimulus rebates this year provide another premise for identity thieves to use as they "reach out" to potential prey.
“After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $863.80.
Please submit the tax refund request and allow us 6-9 days in order to process it.
A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.
To access the form for your tax refund, please click here.
Regards,
Internal Revenue Service”
The “hook,” obviously, is the implied threat that you will not get your refund until you respond.
The message came complete with the official-looking IRS logo, but there are at least three key indications that this is a bogus message:
The most important evidence that this has to be a phony message is that the IRS does not initiate contact with taxpayers by e-mail. The IRS advises that if you have received a message that claims to be from them, you should (1) not reply, (2) not open any attachments, and (3) not open any links. If you are unfortunate enough to have clicked on a link in a message supposedly from the IRS, you should go to the IRS Identity Theft page and follow the advice provided there.
Second, this particular message was not sent to my personal e-mail address. If I’ve given my e-mail to the IRS at some point in the past, this definitely wasn’t the address I used.
Third, the return address on the e-mail is not in the irs.gov domain; it’s from an address at system.irs.net.
Still, they get a few credibility points for throwing in the IRS logo. I’m sure that will help trick quite a few people into disclosing their information.