In this section

• Home
• Press office
• News archive
• Articles
• 2006
• 04

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• SophosLabs blog
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Info feeds

• Security news
• Company news

• Security news
• Company news

What are info feeds?

4 April 2006

IRS tells taxpayers how to report phishing attacks

Phishing emails have posed as federal tax refunds.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have welcomed the news that the Internal Revenue Service (IRS) has published information for American taxpayers about how they can report suspicious emails that claim to come from the organization.

Following a spate of email phishing campaigns which have posed as federal tax refunds (but have actually been designed by hackers to steal confidential information from individuals), the IRS has published advice on its website.

Users who receive a suspected phishing email posing as an IRS communication should send it to phishing@irs.gov, including the full email headers if possible.

"These phishing emails typically point you to a bogus website which looks just like the real IRS website, but is really designed to steal information from you," said Graham Cluley, senior technology consultant for Sophos. "Taxpayers and other online surfers need to be very careful about which emails they trust and what websites they visit or they could end up with a large hole in their finances."

Some phishing emails invite taxpayers to visit a bogus website to collect a non-existent refund.

In February, Sophos revealed in a survey that 58% of people receive a phishing email every day.

Sophos recommends that computer users protect themselves with a consolidated solution which can defend against the threats of spam, spyware and viruses.

Organizations concerned about being fraudulently represented in phishing campaigns can sign up to the Sophos early warning system, Sophos PhishAlert.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

See also:

• Phishers send email posing as IRS tax refund
• Simple steps to avoid being phished
• Protect your email servers and gateways against spam and viruses
• RSS security news and live virus information feeds