Security firm Sophos is warning Internet users to be a little more wary of
the IRS than usual this week after a slew of phishing e-mails
disguised as refund notifications from the agency were discovered.
The phishers are taking advantage of an apparent security configuration
error on the real IRS Web site that redirects visitors to a bogus Web site, according to Sophos Labs.
The scam tells users to cut and paste the link into their Web browsers
instead of clicking on it to avoid refund problems down the road.
Because the link uses the genuine domain name of the actual government
Web site, users are more likely to be duped into following the phishers’
“This phish tells the user that the IRS owes them several hundred dollars
and offers a Web link from which they can allegedly claim the tax refund,”
Graham Cluley, senior technology consultant at Sophos, wrote in a warning
posted on the firm’s Web site.
However, the link in the e-mail bounces the user off a U.S. government Web site
onto a site operated by the criminals, who then proceed to steal credit
card details, Social Security numbers and other personal information,
according to Cluley.
“The phishers didn’t need to hack into or compromise the government Web site
to do this,” continued Cluley. “The Web site has simply had this vulnerability on it all along.”
Sophos is warning Internet users to always be wary of unsolicited e-mails.