Alerts
BOOKMARK THIS ALERT
digg
|
del.icio.us
|
reddit
newsvine
|
furl
|
technorati
Internal Revenue Service
Date:12.15.2005
Threat Type: Phishing Alert
Websense® Security Labs™ has received reports of a new phishing attack that targets American taxpayers and claims to be the Internal Revenue Service. Users receive a spoofed email message, which claims they may access and track their tax refund information online. Upon clicking the link in the email, users are taken to a fraudulent website. The fraudulent website prompts users for their first and last name, social security number, mailing and email address, credit card number, CVV2, and ATM pin.
This phishing site is hosted in Italy and was down at the time of this alert.
Phishing email:
*Subject:* Refund notice
You filed your tax return and you're expecting a refund. You have just one question and you want the answer now - Where's My Refund?
Access this secure Web site to find out if the IRS received your return and whether your refund was processed and sent to you.
**New program enhancements** allow you to begin a refund trace online if you have not received your check within 28 days from the original IRS mailing date. Some of you will also be able to correct or change your mailing address within this application if your check was returned to us as undelivered by the U.S. Postal Service. "Where's My Refund?" will prompt you when these features are available for your situation.
To get to your refund status, you'll need to provide the following information as shown on your return:
* Your first and last name
* Your Social Security Number (or IRS Individual Taxpayer
Identification Number)
* Your Credit Card Information (for the successful complete of the
process)
Okay now, **Where's My Refund
<LINK DELETED>
Note: If you have trouble while using this application, please check the Requirements <http://www.irs.gov/individuals/article/0,,id=96582,00.html> to make sure you have the correct browser software for this application to function properly and check to make sure our system is available <http://www.irs.gov/individuals/article/0,,id=141231,00.html>.
Phishing screenshot:
