quote:

---

Phishers send email posing as IRS tax refund

Link to legitimate government website bounces you into the hands of phishers

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned internet users of a phishing email which aims to steal from American taxpayers by posing as notification of a refund from the Internal Revenue Service (IRS). The phishers are taking advantage of a security configuration error on the real US Government website which is allowing phishers to redirect visitors to a bogus website.

The email invites taxpayers to visit a website to collect their refund.

In an attempt to look more legitimate, the email tells users to cut-and-paste the link into their web browser rather than click directly on it. Although the link does use the genuine domain name of a real government website (www.govbenefits.gov), a mistake in the way the website has been set up bounces surfers to a bogus site run by the phishers.

The bogus benefits website asks for information from taxpayers.

"This phish tells you that the IRS owes you several hundred dollars, and offers you a web link from which you can allegedly claim your tax refund," said Graham Cluley, senior technology consultant at Sophos. "But the link in the email simply bounces you off a US Government website onto a site owned by the criminals, who are ready and waiting to steal your credit card details, Social Security Number and other personal information."

---