Getting To Know The Enemy
New here? You may want to subscribe to my RSS feed. Thanks for visiting!
Earlier this week I posted about a phishing scam — an email designed to cause you alarm and to take action by downloading an attachment. It sounded official, and, to the unsuspecting eye, could really get your attention. I have another one to show you.
My decision to include this is to serve as another example of how we can become fooled with fancy words and the sense of urgency. But remember this: the more you know about your enemy, the less likely you are to become their victim.
In this particular instance, an attachment was included, but with an icon embedded in the body of the email. The phrase, “Word has encountered an error, please double click on the icon above to relaunch msword.exe” was included.
The purpose of this was to lower your defenses — your mental defenses, that is — because you’re more likely to think that some sort of “processing” has taken place on your computer, and if your computer knew to do something, then it must be all right, yes? Nope.
Here’s the message:
Dear business owner ,
It has come in our attention that your company is participating in an illegal scheme to avoid paying taxes can result in imprisonment and fines, as well as the repayment of taxes owed with penalties and interest.
Certain large and mid-size corporations are required to electronically file their Forms 1120 and 1120S. Other corporations may do so. We have attached to this email an e-file information for corporations that prepare and transmit their own electronic corporate income tax returns and those that use the services of third party tax professionals.
Our web site provides an overview of electronic filing and more detailed information for those corporations that prepare and transmit their own income tax returns. Corporations that rely upon third party tax professionals to prepare and transmit their tax returns should consult their tax professional.
The IRS has begun an investigation regarding this fact and we need your cooperation. Instructions on how to resolve this, as well as a INVESTIGATION FORM are attached to this email.
Please complete the form, sign it and send it to tax-avoidance@irs.gov within 48 hours. Thank you
George William
IRS TAX PAYMENT AGENT
FRAUD DEPARTMENT
Wow! It’s from the IRS. It sounds official, and gives you the sense that maybe somebody has been watching you.
Well, don’t fall for it. Have you ever received a legitimate email from the government. To the best of my knowledge, snail mail is the preferred method of communication for such warnings.
So, I said it before, but it bears repeating: if you question the legitimacy of a message, contact the entity being represented and DON’T use the contact information in the email as it could also be fake. And don’t click on any links. Instead, either run a search for the company to find their true web site or type in the URL to get there.
[tags]phish,scam,virus,computers[/tags]
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
Hi Bush, thanks for the kind words. The bad guys are getting smarter and we have to keep up with them. Maybe they’ll give up one day and decide to use their powers for good, you think? Yeah, me neither. 
Hi,
I work with emailcloud.com, an email spam filtering company.
We have watched the rise of phishing over the past few years and have been amazed…both at the sheer ingenuity of the con-men involved and their success!
Over the past few years we have noticed that the rather feeble phishing attempts are now being replaced by really professional looking versions. Also, while PayPal & Ebay were the original targets we are seeing the rise of small banks and insurance companies in the rise.
Phishing works, we need to educate people to be more protective of their personal data.
Ross Cooney
http://www.emailcloud.com
@Ross
It is amazing their ingenuity and success. I just hope they one day see that they could do so much with their intelligence if they just direct it to something good. Thanks so much for dropping by, Ross. I hope to see you here more.
Funny that I should find this post because I wrote one the other day about a phishing scam! Good advice definitely, you should have your whole last paragraph bolded as it is GOLD.