IRS Internet Scams: If the Tax Man Emails You Out of the Blue, It's Fraud. Always.
Nov 16th 2012 6:00AM
Updated Feb 15th 2013 4:40PM
Here's the note our editor got in her inbox:
Subject: Tax Notification
Our Ref. S/11434/12
Your Ref. 18B/765/12
NOTICE OF TAX RETURN FOR YEAR 2011
Dear Taxpayer, I am sending this email to announce: After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax return of: $253.04
To receive your return, you need to register for an e-Services account: Click here to register If you already have an e-Services account:
Click here to login For more info on government services go to www.irs.gov
It's tempting to take the bait. After all, who wouldn't want an extra $253.04?
But when DailyFinance followed up with the IRS, which is known for confusing documents, the agency made itself crystal clear: "The IRS does not initiate contacts with taxpayers through email," spokesman Anthony Burke said. "Our contacts go out to taxpayers through the U.S. mail. If we're sending you a notice of some sort, if there's a tax petition suit, you're going to get mail from us."
As with any email phishing scam, the danger is that if you follow the link, you could end up with a malware infection, such as a Trojan horse that logs your keystrokes and allows a hacker to gain access to your bank accounts.
In this case, the sending domain -- GIRS.com -- might at first glance be mistaken for an IRS site, but the URL actually sent recipients to a phishing page hosted in Saudi Arabia, according to Chester Wisniewski, a senior security adviser at digital security firm Sophos.
These days, Wisniewski noted, the majority of phishing and malware scams originate in the former Soviet Union, but in some ways, it's getting harder to tell. "They're hiring people to write professional English," he said. "The 419 guys are still writing broken African English. Small businesses in China trying to sell me large quantities of cheap goods and LED light bulbs -- there's lots of broken English. But the Russians behind banking fraud seem to be bringing more well-trained English [speakers]."
The result: What had been one of the biggest red flags of an Internet scam -- poor English -- is no longer one you can count on spotting.
The lesson is, if you're the least bit suspicious, don't take the bait. "I wouldn't give the IRS my email," Wisniewski said. "If your 'Spidey-sense' is tingling, just delete."
Jo-Stewart Rattray, the director of information systems security firm ISACA, advises going one step further.
"Pick up the phone and verify with the organization directly," she said. "Generally this is not the way that the IRS or banks choose to communicate with their taxpayers or customers ... The rule of thumb is, if it sounds too good to be true, it almost certainly is."