It is that time of year that people's thoughts begin to turn toward Year-End and taxes. (Well, some people's thoughts anyway.) It is also that time of year that fraudsters begin to ramp up efforts to snare victims using 'phishing' techniques, i.e. using spam emails to lure victims into giving up sensitive information in the hopes for an extra portion of their refund or in exchange for answering a survey getting $80 credited to their credit card or bank account. In this article, we are going to discuss this pervasive problem and how to avoid getting suckered in by these schemes.
Below is the text of an actual spam email that has been sent to millions of US Taxpayers, we are going to take it step by step to explain how to tell if you are receiving a genuine message from the IRS or if it's a Phisherman.
"From: Internal Revenue Service [mail to:security@irs.gov]
Sent: Friday August 8, 2008 10:00AM
Subject: IRS Survey: $80 to your account - Just for your time!
Importance: High
Congratulations!
Dear Customer,
You've been selected to take part in our quick and easy 8 questions survey. In return, we will credit $80.00 to your account - Just for your time!
Please spare two minutes of your time and take part in our online survey so we can improve our services. Don't miss this chance to change something.
To continue click on the link below:
http://www.irs.gov/login.asp=survey
Copyright 2007 Internal Revenue Service U.S.A."
While the reason for asking for information from you may differ, whether it is a survey or a mistake that entitles you to more of a refund than you claimed, the result is the same. Your information and shortly later your bank account are gone. A lot of these phishermen are offshore companies that use a method known as 'hopping points' to hide the origin of their operations. A phisherman in Germany will use a 'hopping point' in South Korea; these crooks have gotten very creative and will often use several 'hopping points' to cover their tracks. But let's look at this email step by step to see what we are dealing with here.
One, any email sent to security@irs.gov is going to get rejected as this is not a valid email address, try verifying this yourself as the email address, while likely is a false one can sometimes actually lead to the IRS which will fill their inboxes with tons of requests for information on this 'survey'.
Two, when has the government EVER sent you a letter that has said, 'Congratulations', either paper or email? Chances are, the answer is never. Let's face it, the government isn't in the business of 'congratulating' anyone. One person mentioned that he got a draft notice that said, "Congratulations!" but the rest of the letter was all bad news.
Three, the IRS will never refer to you as a 'customer'. Taxpayer, yes; Citizen, sometimes, but never ever as a customer. And, even though this is a little facetious when has the IRS ever created anything that is quick and easy? This is the same government institution that sent three extra sheets of paper with each return in 2000 to explain the Paperwork Reduction Act!
Four, inevitably on these emails there will be a grammar or spelling error. Since these emails are often generated by people whose first language is not English, 99% of the time there will be an error. The English that the IRS uses might not be very clear, but its spelling and grammar are impeccable. '8 questions survey' should be '8 question survey'.
Five, about clicking on these links, remember that these links can be disguised, so while the link may say it's sending you to the IRS site, in reality, it's sending you to a cloned site, which in many instances actually looks better than the real thing. NEVER click on these links, NEVER cut and paste these links, if you want to verify the site, manually type in the site into your browser. Cutting and pasting will paste the hidden site, not the intended site into your browser!
Six, the IRS does not have to copyright itself every year, so there would be no copyright in the corner, it DOES make it look official and that is of course why the phishermen will use this tactic. And finally, number seven, and remember this one, THE IRS WILL NOT INITIATE CONTACT WITH A TAXPAYER VIA EMAIL OR FAX. So why are people caught by this scam? Simply because people are always looking for free money and those that are looking for free money are the ones who keep getting caught up in these types of scams.
Let's assume that you have already seen the email and clicked on the link (NEVER DO THIS) in addition to taking you to the wrong site, some links can put a Trojan horse or create a backdoor to your operating system that cannot be detected by Norton, AVG etc, because these backdoors are created by the people who are real familiar with how these programs work. If you have clicked on this link, you are taken either to the survey, (and in many cases, the survey is entirely skipped but regardless of whether it is there or not, this page will ask for your name, Social Security number, the card number you want 'credited', the expiration date and the CSV number on the reverse of the card.
While the IRS will request your SS #, and the amount of your refund, the IRS will NEVER ASK FOR YOUR CARD NUMBER, BANK ACCOUNT NUMBER, ETC, EVER! Why? Because they already KNOW it! When you opened your account, you had to use your SS number as an identifying number to do so.
In addition to using SPAM emails, these fraudsters will also use automated faxes. These faxes will often claim that you have won a vacation, or that you need to fill out IRS form W-8 for Foreign People Earning US Income. This is a completely fictitious form, do NOT return this form to the sender!
Okay let's say that you have become a victim of this fraud and you have compromised your personal information. What do you do? First, send the email to phishing@irs.gov and contact all the major credit bureaus. If this email claims to be from the IRS you may also call the TIGTA hotline at 1-800-366-4484. Fraud affects everyone, don't be a victim, learn what you can do to prevent it! And if it has affected you, fight back! There are many services you can use to repair your credit rating after your identity has been stolen.
David Roberts, CFE, CQBPA, MBA, lives in Kissimmee, Florida with four girls, three dogs, two snakes and one wife. He has been a member of the ACFE for four years and has been studying fraud for longer than that. He is the owner of Homesoon Accounting Services which specializes in Quickbooks Consultations and Fraud Prevention and Detection.
Article Source: http://EzineArticles.com/?expert=David_S_Roberts
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment