ECONOMIC STIMULUS REFUND IRS PHISHING ADVISORY
Simply Put: A new phishing scam is currently making its way around the internet. Phishers are sending out email which appears to come from the IRS with information on your 2008 Economic Stimulus Refund. The email requests that you fill out an online form with your personal information so the check can be directly deposited in your bank account. The link to the form is included in the email. This email is not from the IRS, and is designed to steal a person’s identity.
Attack Details: Hoax-slayer.com has examples of both the email and the form in its advisory (linked below). Some emails also include malicious code embedded in the email. All emails matching this description should be deleted when received. Do not read the email or click on any embedded links.
Countermeasures: Users should be notified that these emails are circulating the internet. Do not open or respond to any emails asking for personal information. If an email appears to come from a known source, browse to the company’s website to double-check the authenticity of the information. Type in the company’s address manually, do not rely on embedded links.