Summer is a great time to go fishing.
Turns out, some people think it's also a great time to go phishing ...as in those on-line crooks who try to steal your personal information so they can rip you off.
Most folks have gotten wise to the bogus emails purporting to be from a bank or PayPal and correctly delete them without opening.
So identity thieves have switched tactics. Now they’ve adopted a disguise they figure you can’t ignore. They’re baiting their devious hooks by making them look as if the email is coming from the one source most Americans dare not ignore: The Internal Revenue Service.
These phony emails look amazingly authentic, right down to the I.R.S. logo. Making them more enticing is the fact that many say you have a tax refund due. Even the wording sounds like official I.R.S.-speak. Here’s a sample:
After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $63.80.
The email states that to claim this money all you need to do is fill out a form. You get it by clicking on the link conveniently embedded in the message. Then, of course, they ask for things such as your Social Security and bank account numbers and -- voila! -- you’re hooked.
This is just one approach. The I.R.S. has identified nearly 100 different scams since last November. There were 40 new ones in March alone. But June was another big month, with 20 new phishing schemes popping up.
“The I.R.S. never sends unsolicited emails,” according to an I.R.S. spokesperson. While you might choose to communicate with the I.R.S. via email once a relationship is established, she says the agency itself “would never, ever initiate” a conversation via email. Even in that case, it would never ask you to submit personal information -- PINs, credit card and bank account numbers -- via email.
Unfortunately, there is little the federal government can do if and when the I.D. thieves are caught. That’s because most of the scamsters are using servers outside the United States. They have been traced to Australia, Canada, China, Poland, Singapore, Germany, and Indonesia to name a few of the countries.
Catching and prosecuting the individuals behind these scams is difficult due to the “here today, gone tomorrow” nature of web-based scamsters. So the I.R.S. is focusing on “prevention rather than punishment.” That involves locating and shutting down the sites as quickly as possible and educating consumers about this problem.
Each of us can help. If you receive any suspicious email that uses the I.R.S. name or logo, the Internal Revenue Service requests that you forward it to them so they can investigate. Out of the more than 7,000 bogus emails that have been forwarded to the I.R.S., 1,200 were received last month.
In order for the fraudulent email to retain important information such as its URL and link -- critical elements for identifying the source -- you need to follow the procedure outlined on the I.R.S. website.
Type the word “phishing” in the search box. Next, locate the article called “How to Protect Yourself From Suspicious E-Mails.” Scroll through this to find the instructions on how to forward a suspicious email.
Don’t expect a reply. Given the volume of emails this mailbox receives, the I.R.S. says that’s impossible.
If you feel you are a target of identity theft -- whether or not it’s related to the I.R.S.-- you should contact the Federal Trade Commission, which is the lead agency on this issue.
The FTC has a special website dedicated to protecting yourself from identity theft and what to do if you become a victim: http://www.consumer.gov/idtheft/index.html.
In addition, a half dozen federal agencies have banded together to jointly support the website OnGuardOnLine.
Be aware. Be smart. Be careful.
Hope this helps,
If you have a question for Gail Buckner and the Your $ Matters column, send them to: [email protected], along with your name and phone number.