IRS targets bogus phishing e-mails

Computerworld - The U.S. Internal Revenue Service has set up an e-mail address, phishing@irs.gov, that taxpayers can use to send in copies of suspicious e-mails they have received that claim to be from the IRS.

In a statement, the IRS provided precise instructions about how to properly submit copies of possibly fraudulent e-mails. However, because of the volume of correspondence the IRS expects, it says it can't acknowledge receipt of the e-mails or reply to taxpayers who submit them.

The IRS also urged taxpayers to watch out for suspicious e-mails that try to trick users into disclosing personal and financial information that can be used to steal a person’s identity -- and their money. “The IRS does not send out unsolicited e-mails asking for personal information,” said IRS Commissioner Mark Everson in the statement. “Don’t be taken in by these criminals.”

In addition, the IRS said it does not ask taxpayers for personal identification numbers, passwords or other secret access information for their credit cards, banks or other financial accounts.

The IRS said it has seen a recent increase in such scams, many of which originate outside the U.S. To date, investigations by the Treasury Inspector General for Tax Administration have identified sites hosting more than two dozen IRS-related phishing scams. Those Web sites are located in at least 20 countries, including the U.S.

“The current scams claim to come from the IRS, tell recipients that they are due a federal tax refund and direct them to a Web site that appears to be a genuine IRS site,” according to the IRS. “The bogus sites contain forms or interactive Web pages similar to IRS forms or Web pages but which have been modified to request detailed personal and financial information from the e-mail recipients. In addition, e-mail addresses ending with .edu — involving users in the education community — currently seem to be heavily targeted.”