The IRS and Internet security experts are warning of a fake phishing email which appears to come from the IRS. The phishing scam takes the form of what claims to be an email from the IRS which advises you that you have a tax refund due.
What is particularly sneaky about this fake IRS email is that the link that it gives you, to govbenefits.gov, is genuine. It will take you to the real govbenefits.gov website, but then it invisibly redirects you to the phishers’ website. The reason that the phisher is able to do this is that the govbenefits.gov website has a security flaw which is known as an “open redirect”.
Explains Sophos security expert Graham Cluely, “This is more advanced than the typical phish, because the Web link really does – at first – take you to the real tax benefit web site. Unfortunately the way the government web site has been configured allows the phishers to bounce the unwary in their direction.”
Most of the fake IRS tax refund email has mentioned the precise “refund” amount of $571.94, but expect that to change as people catch on, and the phishers alter their tactics.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Just received one for a refund of $1835.67. Printed it off and was about to take it to my CPA to check into it. Did not click where it said to though.
how they find out about my email adress?
I dont know if this is the same one as the january postings describe, but this one includes a html attachemnt the the phisher wants you to ‘submit’.
anyone seen this one?
Tax return 2008 – 2009
2008 – 2009 Recalculation of you tax refund
Local Office no. 182 28/July/2009
TAX REFUND NUMBER: USA52/XXXXXXXXXIRS29/158
ATTN: Dear Applicant
After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax refund of $314.79
Your TRN (TAX REFUND NUMBER): USA52/2XXXXXXIRS29/158, complete the tax return form attached to this message.
After completing the form, submit the form by clicking the SUBMIT button on form and allow us 5-9 business days in order to process it.
Our head office address can be found on our web site at http://www.irs.gov/
Note: For security reasons, we recommend that you close your browser after you have finished accessing your refund status.
– For security reasons, we will record your ip-address and date.
– Deliberate wrong inputs are criminally pursued and indicted.
Sincerely,
Jennifer Brough
Tax Credit Officer
Internal Revenue Service
the new emails are coming from organizations @internal.com
After the last annual calculations of your fiscal activity we have
determined that you are eligible to receive a tax refund of $182,50.
Please submit the tax refund request and allow us 3-9 days in order to process it
dont fall for this scam
dont fall there is a new one out with another amount and it looks real however it does say almost the same thing about the fiscal year and all that dont fall for it
FAKE IRS TAX REFUND –
We are pleased to inform you that upon review of your fiscal activity
we have determined that you are eligible to receive a tax refund of
$354.20 under section 501 (c) (3) of the Internal Revenue Code.
Please submit the tax refund request and allow us 3-6 days in order
to process it.
A refund can be delayed for a variety of reasons. For example submitting
invalid records or applying after the deadline.
To access the online form for your tax refund, please use the link below:
Note: For security reasons, we will record your ip-address, the date
and time. Deliberate wrong inputs are criminally pursued and indicted.
Because this letter could help resolve any questions regarding your exempt
status, you should keep it in your permanent records.
David Morgan
Director, Tax Refunds Department
This links to an offical IRS site, but when you submit it is to another site, which is transmitting your bank info, etc..
Don’t fall for it.
12/16/08