FYI...

More IRS scams...
- http://www.us-cert.gov/current/#internal_revenue_service_tax_scams
March 31, 2008 - "US-CERT is aware of a series of scams circulating that are related to the United States Internal Revenue Service. The first of these attacks attempts to convince users to open bogus tax documents that may contain malicious code.
Additional attacks attempt to convince users to follow a link in an email message to an unofficial tax website that may contain malicious code or request personal information as part of a phishing scam..."

Updated...

- http://www.us-cert.gov/current/#internal_revenue_service_tax_scams
updated April 1, 2008 - "US-CERT is aware of a series of email scams circulating that are related to the United States Internal Revenue Service. Attacks have been observed that use email to convince users to perform the following actions:
* open an email attachment containing bogus tax documents that are embedded with malicious code
* follow a link to an unofficial tax website that contains malicious code
* follow a link to an unofficial tax website that requests personal information from the users as part of a phishing attack
* call an unofficial phone number that requests personal information from the user as part of a phishing attack..." (Vishing)

FYI...

- http://blog.trendmicro.com/phishers-raise-their-voices/
April 2, 2008 - "This technique — more popularly (and creatively) known as “vishing” — uses the all-too-familiar spammed email message format as initial bait... This time, however, the striking difference from past phishing emails is that instead of a malicious URL, the message contains a number that users are encouraged to call for information on possible “tax refunds.” An automated voice recording answers queries and asks callers for sensitive information: credit card and social security numbers, for instance. The timeliness of this attack is evident as deadline for filing taxes is nearing. Users may have learned to not trust unknown links; this time Trend Micro advises users to be extra careful in disclosing information even to “customer service” numbers as well."

(Screenshots of the phishing/vishing emails available at the URL above)

FYI...

- http://isc.sans.org/diary.html?storyid=4237
Last Updated: 2008-04-04 15:52:01 UTC - "With tax day getting closer in the U.S., the number of reports on related social engineering tricks are picking up as well. The e-mails are basically a re-hash of the Better Business Bureau scams that we covered a while back. As the e-mails still seem to be targeting mainly executives of a firm, the trick might still work. The current emails contain text in the style of

Dear [Name of Executive]
I am sorry but in order for [Name of Firm] to get a tax refund, all the fields must be completed.
Please complete the missing fields on the attached form and re-send it to me.

nicely adorned with bells&whistles to make it look like it really comes from the IRS. Another series uses the old "A tax complaint has been filed against you" line, which probably is less likely to get the Execs to click. But who doesn't want a refund... Thanks to all ISC readers who have sent samples of this scam over the past days."

FYI...

- http://blog.trendmicro.com/more-irs-malware-as-us-tax-deadline-looms-cyber-criminals-ramp-up/
April 8, 2008 - "...As expected, cyber criminals have renewed their illicit campaigns to bilk consumers of their money, but also infected them with malware intended to perpetrate identity theft. This sort of effort to fraudulently victimize consumers during the rush up the filing deadline (April 15th) of the U.S Tax season generally always shows up this time of year, but the social-engineering and sophistication continually evolves to ensnare as many victims as possible. This year is no exception. Earlier today, Trend Micro researchers began to receive reports of a new, targeted spam campaign which are specifically targeted to high-profile companies — some of them being Fortune 500 companies and U.S. Defense contractors — which would indicate that financial fraud is not the only intended goal of these criminals. Given their targets, they are possibly also looking to infiltrate high-profile companies for other, perhaps more insidious, reasons. The malicious spam messages all look similar to the image above, and all have a subject line that are identical in format, yet crafted for each individual company:

“Re:tax contract for [company name], Inc.”

The MS Word attachment harbors a Trojan (which Trend Micro will detect as TROJ_DELF.HAV), and if opened, tells the user that “…Microsoft Word has encountered an error and needs to close. Please double click the icon to reload…” — which will initialize the Trojan. Internet users are reminded that they should NEVER open unsolicited e-mail attachments..."

(Screenshot available at the URL above.)

An e-mail with the subject "2008 Economic Stimulus Refund" urges the recipient to log in to the IRS website before May 5 to arrange for direct deposit of the economic stimulus refund. Otherwise the refund will be delayed. The URL is:

http://www . firenice . us/catalog/images/banners/secure/help.php

I added spaces both before and after the dots in the above domain name to prevent it being turned into an active link.

My local radio station just announced these scams for the local news. I suppose some people in my area have fallen for this.

It seems strange that the alarms for the IRS scams are all being raised by private parties. These phishing attacks should draw the attention of the fed's??? These scamming criminals have continued to grow in terms of more sophisticated attacks because no one is pursuing them. Since they are trying to draw the gullible/vulnerable to their websites, it would seem fairly easy to track them down and prosecute them. Sure education should help stop this problem, but every day new users are coming onto the Internet and naively falling for these traps. Why isn't the federal government making at least a feeble attempt to catch these criminal gangs? Don't they care? Are they clueless? Maybe the FBI should take a few minutes out of their busy (??) day and read this forum. You can damn bet these criminals are.

FYI...

- http://www.fbi.gov/cyberinvest/cyberhome.htm
"The FBI's cyber mission is four-fold:
first and foremost, to stop those behind the most serious computer intrusions and the spread of malicious code;
second, to identify and thwart online sexual predators who use the Internet to meet and exploit children and to produce, possess, or share child pornography;
third, to counteract operations that target U.S. intellectual property, endangering our national security and competitiveness; and
fourth, to dismantle national and transnational organized criminal enterprises engaging in Internet fraud..."

Thanks for the information regarding the mission of the FBI. After all I'm just a poor hard working citizen so what do I know. I was naive enough to think that at least part of the mission of the FBI was to take on crime syndicates that prey on American citizens to the tune of a Billion+ dollars a year. Many of the victims are elderly and vulnerable. It seems that the FBI could spend just a small part of the day shining a little light on these roaches.

If you're looking for people on these forums to provide information about ongoing investigations, it's not going to happen. Just take people's word on it, cybercrime is not being ignored.