Create an Account
username: password:
 
  MemeStreams Logo

Phishers use IRS tax refund as bait...

search

unmanaged
Picture of unmanaged
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

unmanaged's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Phishers use IRS tax refund as bait...
Topic: Business 7:52 pm EST, Dec  1, 2005

A spam e-mail message has been sent around the world telling people they are eligible for a $571.94 tax refund from the IRS. The e-mail offers a link to a fraudulent IRS Web site, but the link actually goes through a legitimate government Web site that only last month was promoted by President Bush.

"This is more advanced than the typical phish, because the Web link really does--at first--take you to the real tax benefit Web site," said Graham Cluley, senior technology consultant for U.K. security vendor Sophos. "Unfortunately the way the government Web site has been configured allows the phishers to bounce the unwary in their direction."

The link in the phishing e-mail goes to a forged IRS Web site that asks for a Social Security number, tax return filing code and credit card details including security code and PIN.

The scam takes advantage of a so-called open redirect on the GovBenefits.gov Web site. This open redirect lets anyone craft a link that to the untrained eye looks like it goes to the government site, but actually goes elsewhere on the Web. The following link, for example, goes to CNET News.com:

http://www.govbenefits.gov/govbenefits/externalLink.jhtml?url=http://www.news.com.

The government is aware of the issue and is working to fix it, a representative of the Department of Labor said Wednesday. The department manages the GovBenefits.gov Web site. The site is a collaborative effort of 16 federal agencies to increase access to government information and is part of the president's e-government initiative.

Phishers use IRS tax refund as bait...



 
 
Powered By Industrial Memetics
RSS2.0