Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have warned
internet users of a phishing email which aims to steal from
American taxpayers by posing as notification of a refund from the
Internal Revenue Service (IRS). The phishers are taking advantage
of a security misconfiguration on a real US Government website: an
open redirect that lets anyone craft a link on the genuine domain
which forwards visitors to a bogus website under the phishers'
control.
The email invites taxpayers to visit a website
to collect their refund.
In an attempt to look more legitimate, the email tells users to
copy and paste the link into their web browser rather than click
directly on it. Although the link does use the genuine domain name
of a real government website (www.govbenefits.gov), that site's
redirect mechanism accepts an arbitrary destination, so following
the link bounces visitors to a bogus site run by the phishers.
The bogus benefits website asks for information
from taxpayers.
"This phish tells you that the IRS owes you several hundred
dollars, and offers you a web link from which you can allegedly
claim your tax refund," said Graham Cluley, senior
technology consultant at Sophos. "But the link in the email simply
bounces you off a US Government website onto a site owned by the
criminals, who are ready and waiting to steal your credit card
details, Social Security Number and other personal
information."
"This is more advanced than the typical phish, because the web
link really does - at first - take you to the real tax benefit
website. Unfortunately the way the government website has been
configured allows the phishers to bounce the unwary in their
direction instead. The phishers didn't need to hack into or
compromise the government website to do this; the website has
simply had this vulnerability on it all along," continued Cluley.
"This is a salutary warning to every business and agency that runs
a website to be very careful that it cannot be abused to bounce web
surfers elsewhere."
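The mechanism described above, and the warning that closes Cluley's quote, come down to one pattern: a redirect endpoint that forwards to whatever destination the query string names. The following is an added example, not code from govbenefits.gov or from Sophos: it shows that vulnerable pattern beside a hardened replacement, plus a small detection helper of the kind a mail filter or SOC analyst could use to spot a lure whose query string carries a URL to a different host. The query parameter name `next`, the attacker host `phish.example` and the probe inputs are assumptions made up for the illustration; the page does not show the real link.

```python
"""Open-redirect handling: the misconfiguration described above beside a
hardened version, plus a detection helper for spotting such links in mail.

Added example, not code from govbenefits.gov or from Sophos.  The query
parameter name ``next`` and the attacker host ``phish.example`` are
assumptions made up for this illustration; the page does not show the
real link.
"""
from typing import Optional
from urllib.parse import parse_qsl, urlsplit, urlunsplit

OUR_HOST = "www.govbenefits.gov"   # the site whose reputation the lure borrows
ALLOWED_HOSTS = {OUR_HOST}         # absolute-URL targets a redirect may use


def vulnerable_redirect_target(next_param: str) -> str:
    """The misconfiguration pattern: the caller's value becomes the Location
    header unchecked, so a (hypothetical) link such as
    https://www.govbenefits.gov/redirect?next=https://phish.example/irs-refund
    bounces the visitor straight to the attacker's site."""
    return next_param


def safe_redirect_target(next_param: str, default: str = "/") -> str:
    """Accept only a local absolute path or an allow-listed https host;
    anything else collapses to ``default``."""
    if not next_param:
        return default
    # Browsers tolerate backslashes and surrounding whitespace where urlsplit
    # does not, so normalise first ("/\\phish.example" -> "//phish.example").
    candidate = next_param.strip().replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme == "" and parts.netloc == "":
        # Relative target: require exactly one leading slash.  "//host" is
        # protocol-relative and never reaches here (urlsplit puts it in netloc);
        # "///host" does, which is why the check is on the raw candidate.
        if candidate.startswith("/") and not candidate.startswith("//"):
            return urlunsplit(("", "", parts.path, parts.query, ""))
        return default
    # Absolute target: scheme must be http(s) and the *hostname* (not the whole
    # netloc, which may carry "trusted@attacker" userinfo) must be allow-listed.
    if parts.scheme in ("http", "https") and parts.hostname in ALLOWED_HOSTS:
        return urlunsplit(("https", parts.hostname, parts.path or "/", parts.query, ""))
    return default


def embedded_external_target(url: str) -> Optional[str]:
    """Detection side: report the foreign host if any query value of ``url``
    is itself a URL to a host other than the link's own (the tell-tale shape
    of an open-redirect lure).  Returns None for an ordinary link."""
    outer = urlsplit(url)
    for _, value in parse_qsl(outer.query, keep_blank_values=True):
        inner = urlsplit(value.strip().replace("\\", "/"))
        is_url = inner.scheme in ("http", "https") or (inner.scheme == "" and inner.netloc)
        if is_url and inner.hostname and inner.hostname != outer.hostname:
            return inner.hostname
    return None


if __name__ == "__main__":
    probes = [  # constructed inputs, not captured from the real campaign
        "/benefits/refund",
        "https://www.govbenefits.gov/benefits/refund",
        "https://phish.example/irs-refund",
        "//phish.example/irs-refund",
        "/\\phish.example/irs-refund",
        "https://www.govbenefits.gov@phish.example/",
        "https://www.govbenefits.gov.phish.example/",
        "javascript:alert(1)",
    ]
    for p in probes:
        print(f"{p!r:48} vulnerable -> {vulnerable_redirect_target(p)!r:48} safe -> {safe_redirect_target(p)!r}")
    lure = "https://www.govbenefits.gov/redirect?next=https://phish.example/irs-refund"
    print("lure points off-site to:", embedded_external_target(lure))
```

The hardened version deliberately rebuilds the URL from parsed components rather than echoing the input, so userinfo tricks (`trusted@attacker`), look-alike subdomains and backslash variants all fall back to the site's own landing page instead of being forwarded.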
Sophos reminds users to be wary of unsolicited emails, and has
published information about how individuals can protect
themselves against this and other online scams.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.