• Guest please check The Index before starting a thread.

IRS Phishing E-Mail

editing_for_authors
Editing for authors: because every writer needs a good editor.

Duncan J Macdonald

Plotting! Not Plodding!
Super Member
Registered
Joined
Feb 12, 2005
Messages
1,881
Reaction score
455
Age
64
Location
Northern Virginia
Got a new IRS phishing scam in my home e-mail today. Besides the usual grammatical errors, who would believe that the U.S. Internal Revenue Service would voluntarily provide a refund? Especially to e-mail addresses, when the IRS collects via physical home address.
After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $63.80. Please submit the tax refund request and allow us 6-9 days in order to process it.

A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.

To access the form for your tax refund, please click here

Regards,
Internal Revenue Service

Looking at the router droppings, the e-mail originates from a server at the University of Houston, which I believe is hacked. The link (which I've defused in the above quote) points to 207.226.88.28, an address owned by Beyond The Network America, Inc., and sub-leased to IronPath Networks. The specific server addressed is one named "~test", which I also suspect of being hacked.

I have informed the IRS. They tend to take a dim view of such shennanigans.

Edited to add: If you get one of these, or any e-mail purportedly from the IRS, forward that e-mail to [email protected]
 
Last edited:

MartyKay

Sockpuppet Hunter
Super Member
Registered
Joined
Feb 13, 2005
Messages
202
Reaction score
69
Location
Adelaide
Website
martykay.blogspot.com
If I did that James, I'd be spending my whole day forwarding mail to ebay and paypal.

I've been getting a HUGE amount of paypal, ebay and, strangely Chase phishing lately. My poor Gmail account is getting hammered.
 

James D. Macdonald

Your Genial Uncle
VPX
Absolute Sage
Super Member
Registered
Joined
Feb 11, 2005
Messages
25,582
Reaction score
3,781
Location
New Hampshire
Website
madhousemanor.wordpress.com
Forward the chase ones to [email protected]

If you have a real email account, and use a real mail client (IMHO, Gmail sucks rocks), you can get PopFile from Sourceforge (freeware) to sort all the various sheep and goats into their appropriate pens. Then it's an easy task to group forward the lot of 'em.
 

JulieB

I grow my own catnip
Super Member
Registered
Joined
Feb 17, 2006
Messages
2,403
Reaction score
213
Location
Deep in the heart o' Texas
I've been getting hammered with Chase spoofs as well. It's doubly interesting for me because a foriegn client pays me though them. Since English is not the primary language at the branch in question some of the subject lines have looked just like spam. I don't think I've lost any message so far (I'm getting paid), but it's a pain. I use a whitelist and a bayesian filter, but their not perfect.
 

Krampus Nacht

Krampus