IRS Scam: World's Biggest Email Virus Problem
There's no doubt that the tax man can be just as scary as the Grim Reaper. We all felt our bowels drain to our feet when Will Smith's character (Chris Gardner) discovered that the IRS emptied his bank account in The Pursuit of Happyness. Owing the government isn't pretty, and currently scam artists are tapping into that terror in what's now deemed as the "world's biggest e-mail virus problem."
With the subject line reading "Notice of Underreported Income," the message body sparks fear with the following statement: "Please review your tax statement on Internal Revenue Service (IRS) website (click on the link below)." The link of course leads to a fake IRS.GOV website, and according to the IGD News Service, the scam first appeared on September 9. However Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham, warns that the spam campaign is showing no sign of slowing down.
Antispam vendor Cloudmark verifies that statement, adding that more than 11 million messages have been sent to its 2 million desktop customers. Another variant of the scam provides the Zeus Trojan as an attachment rather than a link. Once installed, the Trojan can hack into bank accounts and drain all of the contents. Apparently, victims are falling prey to the scam, losing "millions a day." IGN News reports that businesses are taking a large portion of the heat because banks are holding many of them accountable for their losses.
Paul Ferguson of Trend Micro added that this scam is a huge problem because the Zeus binaries are changing a few times a day to avoid detection, making it hard to stay ahead. But even though antispam can help avoid infection from the attachment, the software can't block users from visiting the malicious websites. "It's definitely a problem," he added.
- Google Confuses Users with 'Googlle' Logo
- PICTURED: Sandstorm Blankets Sydney, Australia
- UK iPhone Carrier Loses Exclusivity - AT&T Next?
- Scientist: Immortality, Superhumaness in 20 Years
- Eminem's Publisher Sues Apple
- Amazon, Wal-Mart Sell Pre for $99.99 and $79.99
- Pro-Copyright Musician Was Pirating Music
- Fable Franchise ''May Adopt Natal''
- UMD Revisited: No Conversions for PSPgo
- Digital Ants Used to Battle Internet Worms
- Panasonic Sports 3D Plasma TV Prototype
- Vodafone to Sell iPhone in UK, Ireland
- Princeton Students Find Kindle "Disappointing"
- New Xbox 360, Controllers, For Holiday '09
- Skaters Freebord to Play Real Life Tetris in SF
- Study: Gamers Less Aggressive with Friends
- AT&T: Stop Texting Behind the Wheel!
- Microsoft: No Natal Support for Older Games
- Microsoft Says Halo 3 ODST Problems are Minor
It was only a matter of time before someone intelligently combined what spam does with a virus.
Who's leaking the emails to bank accounts?
It was only a matter of time before someone intelligently combined what spam does with a virus.
People have already tried it before, but now almost everybody owns a computer, meaning more idiots for the scam.
Hack into bank acc and drain its content... don't banks have security measures to battle this? drain its content to where? Can't the authorities track these?
Hey if you ain't rich, you got nothin' to worry about, lol.
FAIL! The EU,etc can shut down the Pirate Bay but they can't shut this down?!?! (It's a bit harder than taking TPB down, but it is possible).
Seems like there is something new to fool people with everyday. You just gotta practice strict/safe browsing habits and make sure people are informed. We also need to teach more people that they should not click on links in emails unless they know for certain of their origins...but even then it can be unsafe. We need a PSA telling people to manually type in URL's rather than clicking links in an email.
It just takes a little common sense to avoid such a scam. The IRS never sends such notices via email. In fact, I don't recall ever receiving communications of any kind directly from the IRS via email. They don't even ask for your email address on tax forms.
I've been getting about 4 of these emails per day. I haven't clicked a link once. I think a lot of these attacks could be mitigated by teaching internet users the structure of a web address. The links are always something like: irs.gov.fraudulentclaims.net (not the actual site, just an illustrative example.) I'm sure all you readers already know that in this example the important part of the address is the last part, fraudulentclaims.net. I think it would be simple to educate the public to the fact that addresses are formed as ie: least-significant.more-significant.(...).most-significant.(net/org/edu/etc.) I used to work in a bank and we received a decent amount of training in avoiding these types of attacks but this fact was never mentioned. This method has never failed me in detecting such an attack and it's very simple to understand.
I'm sorry but if you're stupid enough to click a link from an obviously bogus e-mail you deserve to get fucked over.
I'm sorry but if you're stupid enough to click a link from an obviously bogus e-mail you deserve to get fucked over.
Tell that to your mom.
I got one of these emails a few months ago. After I got up off of the floor from laughing, I added the sender to my spam list. Aussies don't deal with the IRS, and our ATO is much more taxpayer friendly from what I have heard...
I feel left out..I don't have any in my inbox.
Now, why in the name of hell would a government whistleblower agency contact me by e-mail?
I'd think the IRS would either do it by phone or in person...
Congratulations on being gullable to all the suckers they just owned.
I think they would come to your house before sending an e-mail, they have enough money to single you out and put you in Prison... so why would they bother with e-mail? Sporting that new car they get every so many years is much cooler!
And, even if they were to contact people by e-mail, people need open the irs page themselves, just like any bank or whatever. Just don't trust any link sent by mail.
I feel left out..I don't have any in my inbox.
Easy. Just visit the friendly website that promise to make you rich (you can tell it's not a scam 'cos the address ends in .ru) and give them your email address
Never got it but I use G-mail and it seems to have a very good spam filter. Best I have seen. For a while I would look through my spams to make sure Google was not filtering out something I wanted but it has done great.
Another reason I like Linux on my laptop too. I do not think this Virus targets Linux.
With just a bit of resources that I'm not willing to fork over, it's very easy to track down who's stealing this money. The gov simply doesn't care enough to be bothered. It's too much hassle for them to try and negotiate with other countries to go and find those thieves.
How hard is it to track money transactions through banks? How hard is it to stake out a Money Mart or whatever type of money transfer store and wait for the perps to show up and pick up the money?
I'm sorry but if you're stupid enough to click a link from an obviously bogus e-mail you deserve to get fucked over.
Dont be a dumbass. Not all adult users are familiar with scams of the kind and I consider it normal for some to be worried enough and go for i due to decency issue they have and get screwed over out of concern. I wouldn' and a lot of others wouldn't but some did and would.
Holly crap though.. millions already? o.O
All this international stealing of bank money... It kinda reminds me of Sony's ex-commercial, also known as:
"YOU CAN'T BELIEVE EVERYTHING YOU HEAR ON THE INTERNET OR I'LL BE A NIGERIAN MILLIONAIRE BY NOW"