Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 29th, 2008

New Online IRS Tax Scams

Security experts at Webroot Software report seeing a new wave of keyloggers (programs that secretly record every character you type), system monitors, and viruses leading up to prime tax filing season. Webroot’s Threat Research Team says that more than 1200 new key-logging programs and 336 versions of system monitoring spyware have been found and defined in the past month alone. Several states warn that con artists have already begun the highly publicized rebate checks associated as a ploy to get you to divulge personal financial information.

The increase might be explained by the fact that fewer taxpayers are using old-fashioned paper forms for preparing and submitting their taxes. According to Webroot’s figures, a record 22 million taxpayers filed their taxes from a home computer last year, up 11 percent from the previous year. Scammers know this and figure that your identity is especially vulnerable to theft when you’re filling out your tax documents with a software program or filing them over the Internet.

Federal government expects to issue economic stimulus rebate checks sometime in May or June. IRS refund checks typically arrive within three weeks of the date when you e-file your return. Some fraudulent e-mail messages contain links to fake government Web sites that request your Social Security number and bank account numbers so that the IRS can process a rebate check. If you resist disclosing the information, the site informs you that you won’t be able to receive your rebate.

Another tax scam involves e-mail messages that target accountants, businesses, and individuals, notifying them of supposed changes in tax laws. These phishing messages direct the recipient to download “updated” tax documents that reflect the new tax laws. The IRS reports having received numerous complaints from people who have downloaded bogus documents to their computer, only to discover that the documents contained malicious code designed to transfer control over the PC to a third party. A growing number of tax-themed e-mail messages contain links to Web sites (not files for download) that attempt to install malware on the visitor’s PC.

WXYZ, the ABC television affiliate in Detroit, reported that a Michigan woman, Maria Mendoza, lost US$4000 when a crook stole her identity and then visited a local H & R Block office to file a tax return, posing as Mendoza. After submitting the return, the scammer asked to receive her $4000 tax refund on the spot, using a Block service called a Rapid Refund debit card.
Here are some safeguards to help you steer clear of tax scams:

1. Ensure that your Windows desktop protection is current by going to Windows Update.

2. Confirm that you have an updated antivirus software program running on your PC.

3. When real IRS employees have questions or concerns about a tax return, they typically contact the consumer by telephone, not via e-mail.

4. If you receive a dubious e-mail message that claims to have been sent by the IRS, report it to your tax agency. Always check the legitimacy of any e-mail communication or phone call from a person who claims to be an IRS agent.

5. Don’t click links or call telephone numbers included in suspect messages. Instead, contact the bank or the IRS directly by using phone numbers or addresses listed in published directories.

6. Double-check the URLs you type into your Web browser. Mistyping a URL can transport you to a fake site instead of to the one you want.

7. Don’t open e-mail attachments. In particular, e-mail attachments with “.scr,” “.com,” and “.exe” file extensions are likely malicious.

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • TwitThis
  • Facebook
  • LinkedIn

More on CyberInsecure:
  • ID Theft Hits University Of California Irvine Students
  • Fake US Tax Court Spam Installs Malicious Code
  • FCO Warns About “Recession Relief Programme Fund” Phishing Scam
  • Hacker Published Confidential Records Belonging To Six Million Chileans On The Internet
  • Sensitive Data Said To Be Available On California Riverside County Superior Court Website

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: New Online IRS Tax Scams

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.