?:reviewBody
|
-
Notices purporting to come from the Internal Revenue Service (IRS) make good phishing bait for a number of reasons: A March 2006 mass phish e-mailing took advantage of those points, spamming millions of Internet users with phony notices that included the IRS logo, advised recipients they were eligible to receive tax refunds (of $63.80 or $163.80), and invited them to click on a link which took them to an IRS web site form through which they could claim those refunds. Of course, the links included in the messages didn't actually send users to the genuine IRS web site; they redirected claimants to impostor IRS sites (hosted on servers in a variety of countries) and instructed them to enter all sorts of sensitive personal information (credit card number, expiration date, CVV code and ATM PIN) into an on-line form so that the putative refunds could be posted directly to their debit/credit card or bank accounts. Any information entered into such forms can be harvested by scammers and used for identity theft and other financial crimes. The IRS never offers refunds through e-mail or sends out unsolicited e-mails to taxpayers. When the IRS needs to contact a taxpayer, they send notice via U.S. Mail, and every such notice includes a telephone number that the recipient can call for confirmation. Should you need to visit the IRS web site for any reason, go there directly (by entering the www.irs.gov URL into your web browser) rather than following links in e-mail messages.
(en)
|