Trend Micro has spotted another spam run that uses the name of the United States Internal Revenue Service (IRS) to phish for sensitive information from affected users.
The following is a sample email message that promises a $93.60 tax refund to the recipient:
The spammed email message, which of course carries the IRS seal in its banner, asks recipients to submit a tax refund request by filling out a form. Probably in an effort to buy time, the message warns those who receive the “tax refund” proposal that processing their requests may take six to nine days.
The form, as the message says, can be accessed by clicking a link in the message. This redirects to the following page, which at first glance may look like a genuine document from the IRS:
A suspicious eye, however, would immediately recognize the sensitive nature of the information being asked of users: social security and credit card numbers, as well as ATM personal identification numbers.
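The check a suspicious eye performs here can be automated when triaging reported pages. The following is an added example, not code from Trend Micro or from the original post: it parses a page's forms and flags any form that requests two or more of the data categories named above. The keyword patterns, the two-category threshold and the sample HTML are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Keyword patterns per data category named in the article. The patterns are
# assumptions chosen for this example, not a vendor detection rule.
CATEGORIES = {
    "ssn": re.compile(r"\bssn\b|social security"),
    "card": re.compile(r"credit card|card (number|num|no)\b|\bcvv\b"),
    "atm_pin": re.compile(r"\bpin\b|\batm\b"),
}

class FormAudit(HTMLParser):
    """Collects field names and visible label text for each <form>."""
    def __init__(self):
        super().__init__()
        self.forms, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._cur = {"action": a.get("action") or "", "hints": []}
            self.forms.append(self._cur)
        elif self._cur is not None and tag in ("input", "select", "textarea"):
            self._cur["hints"] += [a.get(k) or "" for k in ("name", "id", "placeholder")]
    def handle_endtag(self, tag):
        if tag == "form":
            self._cur = None
    def handle_data(self, data):
        if self._cur is not None:
            self._cur["hints"].append(data)

def audit(html):
    """Return one finding per form; two or more categories is suspicious."""
    parser = FormAudit()
    parser.feed(html)
    findings = []
    for form in parser.forms:
        # Normalise "atm_pin", "ATM-PIN", "Atm Pin" to "atm pin" before matching.
        text = re.sub(r"[^a-z0-9]+", " ", " ".join(form["hints"]).lower())
        hits = sorted(c for c, rx in CATEGORIES.items() if rx.search(text))
        findings.append({"action": form["action"], "requested": hits,
                         "suspicious": len(hits) >= 2})
    return findings

# Constructed sample page, modelled on the form fields the article lists.
SAMPLE = """<form action="http://refund.example/submit.php" method="post">
  <label>Social Security Number</label> <input name="ssn">
  <label>Credit Card Number</label> <input name="cc_number">
  <label>ATM PIN</label> <input type="password" name="atm_pin">
</form>
<form action="/search"><input name="q" placeholder="Search forms"></form>"""
```

Calling `audit(SAMPLE)` flags the first form, which asks for all three categories, and leaves the search form alone. A form that asks only for a Social Security number is not flagged.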
The IRS has been used by malware authors in their activities before; one of the more notable cases is the bogus IRS sites that Trend Micro researchers discovered last January, which contained links to malicious .EXE files.
This social engineering technique is likely to be productive for spammers and phishers, especially now that it’s tax season. Users are advised to be careful about clicking links in spammed messages. Sensitive information should also never be disclosed to unknown and untrusted sources.