Posted by Lance Koonce
Yesterday, my accountant called me to let me know that my 2006 federal tax return was complete, and that I was getting a refund. He then confirmed that he would be filing the return electronically after we finished our call.
This morning, the following email showed up in my inbox:
From: Internal Revenue Service [email@example.com]
To: Koonce, Lance
Subject: IRS Notification - Tax refund
After the last annual calculations of your fiscal activity we have determined that
you are eligible to receive a tax refund of $249.30
Please submit the tax refund request and allow us 3-6 days in order to
A refund can be delayed for a variety of reasons.
For example submitting invalid records or applying after the deadline.
To access the form for your tax refund, please click here
Internal Revenue Service
© Copyright 2007, Internal Revenue Service U.S.A. All rights reserved.
Now, I knew my refund was not for $249.30, unless my accountant did some seriously bad math. But the proximity of the email after the e-filing almost convinced me this was legit.Continue Reading...
Posted by Angela Kang and Jennifer Small
The latest RSA Monthly Fraud Report warns of a new “plug-and-play” phishing kit that can install a phishing site within two seconds. Creating a phishing site is now as easy as installing a “.exe” file. If that doesn’t ring any alarm bells, McAfee Avert Labs reports a 784% increase in phishing sites in the first quarter of 2007, with no slowdown in sight.Continue Reading...
Posted by Brian Bennett
Experts say that scam artists are targeting just about every internet web site for automobile sales. Warning signs that consumers should watch out for are:
1) the seller or buyer won't provide contact information, or the information doesn't check out;
2) the transaction involves a money wire or illegitimate escrow account; or
3) the deal sounds too good to be true.
Perhaps most important to keep in mind is that once you have given your account information, your money is gone.
Posted by Peter Mucklestone and Stuart Louie
As recently reported by Gregg Keizer at TechWeb News, Netcraft, a U.K.-based internet monitoring company recently uncovered the unauthorized use of China Construction Bank Corp.'s servers by online criminals to host "spoofed sites" in order to dupe customers of American banks and online retailers. China Construction Bank Corp. is one of China's "Big Four" state-owned banks with more than 14,200 branches across China.Continue Reading...
Posted by Lance Koonce
Perhaps I'm just cynical, but if the Internal Revenue Service sends me an email notice today saying that I have unexpectedly received a refund on my taxes, I will not rush out and start start shopping for that new car just yet. (Of course, maybe that's because my taxes are never done until April 15th, so anything I receive from the IRS this early is clearly a fraud.)
But the IRS is not laughing at the surge in email phishing attempts designed to prey on people's tendency to trust official-looking communications from the federal government.Continue Reading...
Posted by Merrill Baumann
It's axiomatic that wherever large sums of money are changing hands, there will be scams seeking a piece of the action... and tax collecting is no exception. Not surprisingly, the IRS warns that numerous phishing scams abound, where the perpetrator asks for confidential information in exchange for tax refunds or some other benefit. So how do you protect yourself against these fraudsters? One of this biggest weapons is common sense. Legitimate commercial outfits no longer request confidential financial information by unsolicited emails. And in many contexts, including the IRS, simply ask yourself: Why are they asking for this information? Don't they already have it?
Posted by Kraig Baker
Gartner reports that phishing attacks grew 28% from May 2004 to May 2005. Almost 2.5 million people reported losing money because of phishing attacks (and that's just those that admitted to it) to the tune of $929 Million and 11 million people clicked on a phishing e-mail. Despite the increase, it doesn't appear to me that phishing attacks have gotten that much more sophisticated. I think this is an outgrowth of people's general fear of computers and gullibility with respect to the written word. People who fall victim to phishing are undoubtedly the same people who used to forward the Bill Gates chain letter.Continue Reading...
Posted by Lance Koonce
On Friday, Governor Arnold Schwarzenegger signed California Senate Bill 355, the Anti-Phishing Act of 2005, which makes phishing schemes illegal in California. The legislation states that "[i]t shall be unlawful for any person, by means of a Web page, electronic mail message, or otherwise through use of the Internet, to solicit, request, or take any action to induce another person to provide identifying information by representing itself to be a business without the authority or approval of the business."Continue Reading...
Looters are apparently not to the only persons seeking to benefit from the misery of others. The Salt Lake Tribune recently reported increasing incidents of phising in the wake of Hurricane Katrina. Within hours after Katrina devastated much of New Orleans, a flurry of Katrina-related domain name registrations were reported; many thought to be linked to bogus charities and fund-raising cons. (Example of possible phishing site described here). On eBay, sellers are auctioning Katrina-related domain names "promising" to donate a portion of the proceeds of the sale to flood relief efforts. Even the large financial markets are not immune.Continue Reading...
In an attempt to battle against the neverending surge of phishing attacks, some employers have taken the unusual measure of devising and sending their own fake emails to employees.Continue Reading...
In a recent study conducted by the Anti-Phishing Working Group, a global association of ISPs, banks, law enforcement agencies and other concerned parties, it was noted that incidents of phishing (or the use of fraudulent emails to dupe people into sharing personal information such as back account passwords, PIN number and/or credit card information), while still rampant on the internet, are increasing at a slower rate.Continue Reading...
A report issued August 2, 2005, by Gartner, Inc. describes how thieves have stolen more than $2.75 billion by using phishing scams to obtain debit card account numbers and PINs from unsuspecting consumers. The thieves use the account numbers to create fake cards, then use the cards and PINs to drain consumers' accounts, leaving consumers to deal with the bounced checks and the banks to reimburse the victims, as described in more detail here. The debit cards of some banks, such as Bank of America, are not targets because the banks take advantage of a second track on the magnetic strips on their cards to embed additional security codes that consumers -- and therefore data phishing thieves -- don't know about. Banks whose debit cards have been hard hit by these attacks have begun using the second track on the magnetic strips on their cards and have beefed up their security codes in order to prevent the attacks.
Posted by Randy Gainer