Another phone-phishing scam spoofs IRS

A new scam to steal personal and financial information through a combination of e-mail and phone calls surfaced last week, masquerading as an urgent message from the IRS about a tax refund.

Vishing, or voice phishing, 'is still a new technique,' said Sam Masiello, director of threat management at MX Logic. 'But it's becoming more prevalent,' because it offers scammers a way to get around blacklists used to block traffic to malicious Web sites. Instead of including a link to a Web site in the fraudulent e-mail, recipients are asked to call a phone number and are then asked for credit card information.

Another advantage for criminals of vishing is that people who might be wary of Web links might trust a phone number.

The latest scheme is just the latest in a series of tax-season frauds that have appeared in the last few years, usually during the run-up to the April 15 deadline for filing personal tax returns.

Although the number of e-mails being sent out is relatively small, 'we are seeing an increase in the level of aggression in the IRS scams this year,' Masiello said.

The subject line in the most recent scam is 'Internal Revenue Service Tax Refund,' and the body of the message informs the recipient that there is a $215 refund awaiting him, with an expiration data to add a sense of urgency. The message also says, 'Attention! Tax refunds can be sent only to VISA or Mastercard DEBIT CARDS.' Recipients are urged to call a telephone number with a 602 Arizona area code to provide the needed financial information.

Needless to say, the IRS does not contact people by e-mail and do not need credit or debit account information to provide refunds. IRS and Treasury Department scams are expected to continue this year well past the usual tax season because of rebates being issued as part of the economic recovery program. Keep an eye on your inbox for bogus e-mails expected to begin appearing probably next month.

'We see that as another topic of scams,' Masiello said. 'We don't know what they are going to be exactly, but we do expect to see them.'

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group