Gone Phishin’

I rec’vd an email from the “IRS” today:

Our records indicate that you are qualified to receive the
2008 Economic Stimulus Refund.

The fastest and easiest way to receive your refund is by
direct deposit to your checking/savings account.

Please follow the link and fill out the form and submit
before May 10th, 2008 to ensure that your refund will be
processed as soon as possible.

Of course, the link given doesn’t quite go to the IRS, despite that it came from a “.gov” email address. A quick whois search on the IP in the link revealed a server registered to an ISP that, from what I could tell with a few more google searches, seems pretty notorious for spam, etc.

If you google the text above, you’ll find it’s a well-known scam that the U.S. Attorney’s Office and the IRS began warning people about a few days ago.

These types of attacks, a phishing attempt at grabbing your bank account information, are increasingly becoming “commodities” in the world of cybercrime, as the economics are shifting to more profitable targets. From the NY Times:

Pilfered credit card numbers and bank account PIN numbers have become commodities on shadowy Web sites where stolen digital information is bought and sold. Company e-mail, business documents and personal health information are the new targets of choice for illegal hackers…

…A couple of years ago, credit card numbers and bank account PINs sold for $100 or more on sites selling stolen information…Now, the price is down to $10 or $20, compared to $150 to $200 for some of the newer documents.

Commodity or not, the phishing scam remains a tried and true way to get access to your money.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: