Friday, June 24, 2011

IRS Notification Email Scam

It's time again to discuss email scams that dupe people into downloading certain files and installing malware(s) unknowingly in their PCs.

A couple of hours ago prior to this post, I received an email from a certain "no-replyciiu@irs.gov" which shows up as "IRS service" in my inbox notifying me that they were unable to process my tax return. Now, the message was neatly constructed take some misspelled words. It even uses the official IRS logo as the header message. It would've fooled me if not for some very obvious giveaways which we will discuss at the next paragraph. Just then did I conclude that I've just received a fake IRS notification email scam.

First of all, I have not registered for the IRS nor do I have any of the documents the message was asking. Two, I'm not even American, have never entered the USA, nor did I have any scuffle with the IRS regarding any unpaid taxes or anything that concerns its services. And lastly, and this is the most important of all: THE IRS DOES NOT INITIATE TAXPAYER COMMUNICATIONS THROUGH E-MAIL REGARDING EFPS OR TAX ACCOUNT MATTERS. They don't "request detailed personal information through e-mail" nor "send any communication requesting your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts."

The fake IRS notification email

Now, if you are a resident citizen of the United States of America and if you received a message via email from someone claiming to be from the IRS, go to the IRS Phishing Guide by clicking HERE.

Anyway, here's my what to do list when an IRS notification email scam message or anything similar to this arrives in your inbox:

1) Quickly check the sender's address. If it came from someone using free mail services like Yahoo! or Google Mail, it's probably fake. Now, if it's using high tier domains such as .gov or .edu or country domains, read the message further;

2) Check the message for funny looking words, misspelled words and wrong usage of punctuations and grammar. Official letters do not and should not contain these kinds of errors;

3) Check if it is asking any personal information from you such as your name, birthday or social security number. If it is, it's a high risk phishing message. Do not reply to it. Report it to the proper authorities;

4) Check if the message has any attachments with it. If it does, it's a scam message containing malware.


Don't forget, no matter how official looking an email is, there's always a high risk of it being a notification email scam, especially in the internet—where everything is dangerous. I also made this post especially long because fake messages like this IRS notification email scam are high profile risks which could steal very sensitive personal data from innocent internet users.

'Till my next installment.

No comments:

Post a Comment