Skip to main content

IRS Scam: World's Biggest Email Virus Problem

There's no doubt that the tax man can be just as scary as the Grim Reaper. We all felt our bowels drain to our feet when Will Smith's character (Chris Gardner) discovered that the IRS emptied his bank account in The Pursuit of Happyness. Owing the government isn't pretty, and currently scam artists are tapping into that terror in what's now deemed as the "world's biggest e-mail virus problem."

With the subject line reading "Notice of Underreported Income," the message body sparks fear with the following statement: "Please review your tax statement on Internal Revenue Service (IRS) website (click on the link below)." The link of course leads to a fake IRS.GOV website, and according to the IGD News Service, the scam first appeared on September 9. However Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham, warns that the spam campaign is showing no sign of slowing down.

Antispam vendor Cloudmark verifies that statement, adding that more than 11 million messages have been sent to its 2 million desktop customers. Another variant of the scam provides the Zeus Trojan as an attachment rather than a link. Once installed, the Trojan can hack into bank accounts and drain all of the contents. Apparently, victims are falling prey to the scam, losing "millions a day." IGN News reports that businesses are taking a large portion of the heat because banks are holding many of them accountable for their losses.

Paul Ferguson of Trend Micro added that this scam is a huge problem because the Zeus binaries are changing a few times a day to avoid detection, making it hard to stay ahead. But even though antispam can help avoid infection from the attachment, the software can't block users from visiting the malicious websites. "It's definitely a problem," he added.