Tax Refund Email from IRS at GovBenefits.gov is Fake! Don’t Get Caught by IRS Phishing Scam!
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

The IRS and Internet security experts are warning of a fake phishing email which appears to come from the IRS. The phishing scam takes the form of what claims to be an email from the IRS which advises you that you have a tax refund due.

What is particularly sneaky about this fake IRS email is that the link that it gives you, to govbenefits.gov, is genuine. It will take you to the real govbenefits.gov website, but then it invisibly redirects you to the phishers’ website. The reason that the phisher is able to do this is that the govbenefits.gov website has a security flaw which is known as an “open redirect”.


Explains Sophos security expert Graham Cluely, “This is more advanced than the typical phish, because the Web link really does – at first – take you to the real tax benefit web site. Unfortunately the way the government web site has been configured allows the phishers to bounce the unwary in their direction.”

Most of the fake IRS tax refund email has mentioned the precise “refund” amount of $571.94, but expect that to change as people catch on, and the phishers alter their tactics.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

6 thoughts on “Tax Refund Email from IRS at GovBenefits.gov is Fake! Don’t Get Caught by IRS Phishing Scam!
0 (0)

  1. Just received one for a refund of $1835.67. Printed it off and was about to take it to my CPA to check into it. Did not click where it said to though.

  2. I dont know if this is the same one as the january postings describe, but this one includes a html attachemnt the the phisher wants you to ‘submit’.

    anyone seen this one?

    Tax return 2008 – 2009
    2008 – 2009 Recalculation of you tax refund
    Local Office no. 182 28/July/2009
    TAX REFUND NUMBER: USA52/XXXXXXXXXIRS29/158

    ATTN: Dear Applicant

    After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax refund of $314.79
    Your TRN (TAX REFUND NUMBER): USA52/2XXXXXXIRS29/158, complete the tax return form attached to this message.
    After completing the form, submit the form by clicking the SUBMIT button on form and allow us 5-9 business days in order to process it.

    Our head office address can be found on our web site at http://www.irs.gov/

    Note: For security reasons, we recommend that you close your browser after you have finished accessing your refund status.
    – For security reasons, we will record your ip-address and date.
    – Deliberate wrong inputs are criminally pursued and indicted.

    Sincerely,
    Jennifer Brough
    Tax Credit Officer
    Internal Revenue Service

  3. the new emails are coming from organizations @internal.com
    After the last annual calculations of your fiscal activity we have
    determined that you are eligible to receive a tax refund of $182,50.
    Please submit the tax refund request and allow us 3-9 days in order to process it
    dont fall for this scam

  4. dont fall there is a new one out with another amount and it looks real however it does say almost the same thing about the fiscal year and all that dont fall for it

  5. FAKE IRS TAX REFUND –

    We are pleased to inform you that upon review of your fiscal activity
    we have determined that you are eligible to receive a tax refund of
    $354.20 under section 501 (c) (3) of the Internal Revenue Code.

    Please submit the tax refund request and allow us 3-6 days in order
    to process it.

    A refund can be delayed for a variety of reasons. For example submitting
    invalid records or applying after the deadline.

    To access the online form for your tax refund, please use the link below:

    Note: For security reasons, we will record your ip-address, the date
    and time. Deliberate wrong inputs are criminally pursued and indicted.

    Because this letter could help resolve any questions regarding your exempt
    status, you should keep it in your permanent records.

    David Morgan
    Director, Tax Refunds Department

    This links to an offical IRS site, but when you submit it is to another site, which is transmitting your bank info, etc..
    Don’t fall for it.
    12/16/08

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.