Web Hosting Security

  Home arrow Web Hosting Security arrow Beware of Tax-Themed Phishing Scams
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

Beware of Tax-Themed Phishing Scams
By: wubayou
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating:  stars stars stars stars stars / 0

    Table of Contents:

    Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article



    Tax season is in full swing, and with it comes an extra nuisance, other than the taxes themselves. Since taxes affect virtually every adult within the United States in one way or another, cybercriminals have new phishing scams in place with which they hope to reel in new victims. While the nature of the scams is important, it's their timing that could dupe many more people than usual.

    AppRiver, a company that provides email and web security solutions for businesses, reported details on a new IRS phishing scam in a blog post on February 15th. The phishing scam comes in the form of an email message with a header of the IRS logo. The message claims to be an urgent report and states that “Your Federal Tax Payment has been rejected." The message includes a phony payment ID number and states the reason for rejection as having supplied an invalid identification number in the Company Identification Field. 

    To fix the problem, the message urges you to check attached information. The attached .zip file contains a .exe file that will immediately infect your computer if it is run. At the time of the blog post, only 1 out of 41 antivirus engines successfully identified the attachment as malware, which was found to be associated with the Zeus Trojan.

    This latest scam is just another example of hackers using current events and legitimate institutions as part of their efforts to spread malware or obtain sensitive data. The IRS has been used in past phishing scams, but this particular case is rather special due to its timing and the unusual circumstances surrounding it. 

    The IRS was not prepared to receive certain tax returns until February 14th. This was due to a late decision by the U.S. government to extend tax cuts at the end of 2010. Taxpayers using the e-filing method or claiming deductions would have their returns held until February 14th, which is when they would finally be sent to the IRS automatically. 

    Once the IRS received the returns, taxpayers would receive a confirmation email that the return was accepted. Such a confirmation method meant that many expected a tax-related email to surface around that time. By sending phishing emails on February 15th, cybercriminals had a perfect chance to spread their malware and execute other scams. 

    Although the scam is quite clever in its form and timing, do not be fooled by it or other phishing attempts that appear to come from legitimate sources. Any confirmation email regarding your taxes will come from the company or service that prepared them for you. The IRS will not send you such an email. Be wary of phishing attempts in the future, and do not click on any suspicious attachments. If you have concerns, contact the company, such as the IRS in this case, directly. Being cautious will help you protect yourself, your computer, and your personal data from being compromised.

    For more on this topic, visit the PC World story.

    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More Web Hosting Security Articles
    More By wubayou


    - For Online Security, Invest in People
    - World`s Third-Largest Botnet Bites the Dust
    - Yahoo Security Breach Highlights Poor Practi...
    - How to Prevent Mobile Malware
    - FBI Issues Internet Security for Travelers a...
    - More of the Top Internet Scams
    - How to Stop Phishing Scams
    - Social Networking Safety Tips
    - How to Avoid Financial Fraud Online
    - Android`s Most Notorious Trojans and Viruses
    - GFI Report Details Top 10 Threat Detections ...
    - Sophos Releases Security Threat Report 2012
    - Facebook Safety Tips for 2012
    - Email Scam Hits Apple Users
    - Tips for Mobile Security

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap