Posted on 03/02/2006 2:45:17 AM PST by Liz
The IRS is investigating phishing operations trying to coax vital data like SS numbers and ATM pin codes out of unwitting taxpayers.......pretending to be from the IRS.
The Treasury and IRS are actively investigating the antics......thieves are sending out official-looking messages with the title "Internal Revenue Service IRS.gov" at the top......the words "Department of the Treasury." The official seal of the IRS is at the top of the message. "After the last annual calculations of your fiscal activity," the "IRS" note says, "we have determined that your are eligible to receive a tax refund of $63.80. Please submit the tax refund request and allow us 6-9 days in order to process it." "A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline," the note says in strained syntax. "To access the form for your tax refund, please click here." To give an additional bit of authenticity the phishers also added the tag line "Copyright 2006, Internal Revenue Service U.S.A. All rights reserved."
When you click through to the second page, the phishers ask for your Social Security number, PIN number for an automated teller machine and a credit card, so that the $68.80 can be placed in your account.
What if you give the phishers your vital statistics? Well, they'll probably be using your credit cards until you figure it out — with you, of course, waiting the 6-to-9 days for your tax "refund" to show up.
But the SS number and your PIN will give the crooks pleasure long after that and you'll be trying to get your financial identity back for years.
(Excerpt) Read more at nypost.com ...
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
I got one of these from raj.colorado.edu. Probably college students.
I emailed the U of Colorado police, but haven't heard anything.
Never click on any link in an email. It is better to type it out in the address window:
http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm
The FTC suggests these tips to help you avoid getting hooked by a phishing scam:
If you get an email or pop-up message that asks for personal or financial information, do not reply. And don’t click on the link in the message, either. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address yourself. In any case, don’t cut and paste the link from the message into your Internet browser — phishers can make links look like they go to one place, but that actually send you to a different site.
Use anti-virus software and a firewall, and keep them up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.
Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software “patches” to close holes in the system that hackers or phishers could exploit.
Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.
Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.
If you believe you’ve been scammed, file your complaint at ftc.gov, and then visit the FTC’s Identity Theft website at www.consumer.gov/idtheft. Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See www.annualcreditreport.com for details on ordering a free annual credit report.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.