Tax rebates spawn new school of phishing

The Bush administration's economic-stimulus tax rebate program, under which the Internal Revenue Service is issuing taxpayers payments of as much as $1,200, has given rise to a new wave of phishing scams, according to a new FBI notice.

The scams rely on a technique known as social engineering to trick computer users into divulging personal information that the cybercriminals or their customers can use to bilk unwary taxpayers.

The new phishing scams use spam e-mails to gull prospective refund recipients into providing their bank account information and other personally identifiable data via a fraudulent form that is attached to the original message by a hyperlink.

'To convince consumers to reply, the e-mail warns that a failure to complete the form in a timely manner will delay the issuance of the rebate check,' the bureau said in a warning.

The bureau urged people to use caution when dealing with e-mail from unknown senders, repeating the frequently heard warning that such electronic messages often include malware. The FBI notice also included examples of the types of deceptive wording the phishing e-mails have used.

The latest FBI warning about the online flood of fraudulent tax refund e-mails comes on the heels of a rising tide of IRS-related online fraud, as reported by GCN. The recent notice follows earlier warnings on the same topic by MX Logic, which predicted the fraud tactic earlier this year.

The bureau's fraud notice also echoes IRS' own anti-phishing warnings and actions against IRS spoof sites. The IRS recently stated that the number of bogus IRS sites has increased twelvefold this year over last year.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above