Usually when we get mail from the IRS, we tend to open it immediately, often with a sense of dread. But now comes word from personal finance guru Jane Bryant Quinn of an insidious new phishing scam that uses the IRS to steal our personal financial information.Here's what happened to a savvy personal finance writer.
Ms. Quinn says she received a string of "urgent" IRS messages that read "LAST NOTICE: We decline your Federal tax payment," followed by an ID number. Or, "LAST NOTICE: The Identification Number used in the company identification field is not valid."
She admits that the first message gave her pause. The email appeared to come from the Electronic Federal Tax Payment System (ETFPS), which is the website you use when paying your income taxes online. She then thought for a couple of seconds about whether she could have made a tax mistake. That's when her good sense took over.
Being knowledgeable about how these things work, Ms. Quinn correctly surmised that IRS does not use email to get in touch with taxpayers. It sends out what she describes as one of those "mean-looking envelopes with a lot of black type in the upper left-hand corner." Fortunately, she managed to get off the phish-hook and hit delete on the phony email.
But if you're caught by this scam and others like it, you're in for some bad news. The cyber thugs have raised the bar putting you at greater risk than you can imagine. Typical phishers are looking for personal financial information. You might be told that a Federal Express package was misdirected or that there's a question about your bank account. If you click, you're sent to a second screen where you're asked to "update" or "validate" your current data with a credit card number, or Social Security number, or the number and password of your bank account.
Most people didn't fall for those tactics so Avalanche came up with an ugly hunk of malware known as the Zeus banking Trojan. Ms. Quinn writes that if you click on the link provided by the LAST NOTICE IRS email, you might be taken only to an innocuous information page. You read, delete, and move on to something else. But during those few moments you're on the page, the malware will zap itself into your machine and you won't even know it's there. Then it takes user names and passwords to the financial accounts you manage online, logs in and sucks them dry. It sweeps up your address book, to spread itself to the computers of your contacts and friends. If you happen to be online with your bank when Zeus pops in, it will show you the real numbers while, in the background, it's pulling money out.
Zeus has been around for a while but what's new is that Avalanche has industrialized it, making it easy and fast to launch thousands of attacks, virtually all at once.
A lesson from Ms. Quinn - stop and think before you connect to any link you aren't familiar with or looks suspicious. Don't open any business email that you're not expecting. If you have a question, call or email the business yourself. Don't call the number that the questionable email gives you either. It might misdirect you to the scammer's line. If you email the business, check the address and type it into the URL line yourself, don't copy-and-paste the address that the questionable notice shows. She also recommends not opening emailed birthday cards. Two years ago, she opened one that appeared to come from a good friend. Only that "good friend" started sending streams of porn. It took her more than a year to get the problem under control.