Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have warned of
a bogus email that tells taxpayers that they are eligible to
receive a tax refund from the Internal Revenue Service (IRS).
The spammed email poses as a federal tax refund for $63.80, but
has actually been designed by hackers to steal confidential
information from individuals.
The emails, which have the subject line "IRS Notification -
Please Read This", claim that IRS has determined that the recipient
is eligible to receive a tax refund, and is invited to visit a
website to submit their bank information to receive the money.
The phishing email invites taxpayers to visit a
bogus website to collect a non-existent refund.
However, the website is disguised to appear like the real IRS
website, and is designed to steal the user's social security number
and credit card details.
The bogus website is disguised to look like the
real IRS website, but is designed to steal information.
"The criminals behind these emails are banking on people's
desire to get money back off the taxman," said Graham Cluley, senior
technology consultant for Sophos. "Taxpayers who visit the bogus
website risk handing over their social security numbers and credit
card details straight into the hands of hackers. The fact is that
the IRS never uses email to tell taxpayers that they are eligible
for a refund."
Following a spate of email phishing campaigns the IRS has
published advice on its
website for computer users on how to avoid phishing emails.
Earlier this year, Sophos revealed in a
survey that 58% of people receive a phishing email every day,
and the company recommends that computer users protect themselves
with a consolidated solution which can
defend against the threats of spam, spyware and viruses.
Organizations concerned about being fraudulently represented in
phishing campaigns can sign up to the Sophos early warning system,
Sophos PhishAlert.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.