Phishing bait: Notice from the IRS indicating the recipient is eligible for a tax refund.
Example: [Collected on the Internet, August 2007]
|
From: "Internal Revenue Service"
Subject: IRS Notification - Fiscal Activity
Date: Sun, 26 Aug 2007 23:57:35 +0300
After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $268.32.
Please submit the tax refund request and allow us 6-9 days in order to process it.
A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.
To access the form for your tax refund, please click here
Regards,
Internal Revenue Service
© Copyright 2007, Internal Revenue Service U.S.A. All rights reserved.
|
Origins: Notices purporting to come from the Internal Revenue Service (IRS) make good
phishing bait for a number of reasons:
- Notices from institutions of the federal government (especially an agency with the ominous reputation of the IRS) grab people's attention.
- Unlike other phishing schemes that emulate mailings from various private financial institutions (e.g., Bank of America) and are therefore easily recognized as phony by many recipients (because they do no business with those companies), a forged IRS notice has the potential to take in a much larger pool of victims, as most adult U.S. residents have dealings with that agency.
- Many people find the federal income tax filing process complicated and confusing, so the idea that they might have unclaimed tax refunds waiting for them seems plausible.
An August 2007 mass phish
e-mailing took advantage of those points, spamming millions of Internet users with phony notices
that advised recipients they were eligible to receive tax refunds (of amounts such as $109.30 or $268.32) and invited them to click on a link that took them to a form through which they could claim those refunds. Of course, the link included in the messages didn't actually send users to the genuine IRS web site; it redirected claimants to an imposter site that instructed them to enter sensitive personal information (e.g.,
Social Security number and debit card number) in order to "deposit" their refunds.
The IRS never offers refunds through e-mail or sends out unsolicited
e-mails to taxpayers. When the IRS needs to contact a taxpayer, it sends notice via
U.S. Mail, and every such notice includes a telephone number that the recipient can call for confirmation. Should you need to visit the IRS web site for any reason, go there directly (by entering the
www.irs.gov URL into your web browser) rather than following links in
e-mail messages.
Says the IRS about such e-mails:
The IRS does not initiate taxpayer communications through e-mail. In addition, the IRS does not request detailed personal information through e-mail or ask taxpayers for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts.
Do not open any attachments to questionable e-mails, which may contain malicious code that will infect your computer. Please be advised that the IRS does not initiate contact with taxpayers via e-mails.
The hyperlink above contains information about how to report phishing
e-mails purporting to originate with the IRS.
Last updated: 29 March 2008
The URL for this page is http://www.snopes.com/fraud/phishing/irs2007.asp
Urban Legends Reference Pages © 1995-2008 by snopes.com.
This material may not be reproduced without permission.
snopes and the snopes.com logo are registered service marks of snopes.com.
Sources:
- Price, Wayne T. "Scam Poses as IRS Solicitation."
- Florida Today. 28 August 2007.
