Authorities warn of new e-mail scams

Published 7:58 pm Thursday, October 21, 2010

You have not won a cruise to the Caribbean, you are not relatedto the king of Nigeria and the IRS is not e-mailing you about yourfederal taxes.

Those familiar with modern e-mail scams may be familiar with thefirst two hoaxes – cruises in the tropics aren’t just given away inrandom e-mails, and Nigeria has a president – not a king – andyou’re still not his long-lost cousin.

But a new fake e-mail seeking to rip off confidential informationin the guise of an urgent notice from the Internal Revenue Servicemay take some people by surprise. The IRS is warning recipients ofthe hoax to remain calm and simply click on the “delete” buttonwith the innocent-looking e-mail shows up in the inbox.

Subscribe to our free email newsletter

Get the latest news sent to your inbox

“The big red flag there is the IRS is not going to be contactingyou by e-mail,” said Dee Harris, a spokesman in the agency’s NewOrleans office. “We’re not going to send you an e-mail regardingyour personal or business taxes.”

The new e-mail scam making the rounds is a phishing trick thatattempts to get unsuspecting users to click on a hyperlink thatwill supposedly take them to a website that will help clear up theconfusion with their taxes. But the link is a trapdoor to potentialidentity theft.

The scam comes with all the jargon and numbers to make it look likethe real deal. The subject line of the e-mail reads, “We DeclineYour Federal Tax Payment ID” and contains a series of numbers thatresemble an account number. It even lists the name of the businessthe recipient works for or owns – information easily obtained onthe Internet, Harris pointed out.

The body of the e-mail alerts recipients “the identification numberused in the Company Identification Field is not valid. Please,check the information and refer to Code R21 to get details aboutyour company payment in transaction contacts section:” followed bya long, confusing hyperlink.

The e-mail goes on to claim its part of a real program, theElectronic Federal Tax Payment System. Not so, Harris said.

“A lot of times they use codes that aren’t even valid IRS codes, orindicate form numbers from IRS forms that don’t even exist. Itlooks official, but when you start researching the informationyou’ll find it’s not actual, or even completely fraudulent,” shesaid. “Your federal ID number is not something people should beable to access, but we are in the age of identity theft, and you’dbe surprised at the lengths these people will go to make theirscams seem more realistic.”

Harris said the new scam first appeared around the end of August.The website the e-mail’s hyperlink takes users to is loaded withmalicious software that will attempt to scan the user’s computerand steal personal information.

The IRS is encouraging recipients of the scam to report the e-mailby visiting and clicking on the “Report Phishing” linkon the right-hand side of the page.

“Keep reporting it. The more people let us know it’s out there, themore we can work to shut the scamsters down,” Harris said.

The anonymous IRS imposters are not the only would-be thievessending suspicious e-mails around Brookhaven these days. A secondscam beginning to surface attempts to take advantage of local TVand Internet provider Cable ONE.

The Cable ONE e-mail’s subject states, “Avoid Cable ONE AccountShutdown *Verify Now*.” The body of the e-mail goes on to warnrecipients their Cable ONE e-mail account is not secure andprovides a “click here” hyperlink to supposedly help usersstraighten out the security issue.

Of course, the hyperlink is the security issue. This scam isparticularly easy to spot – especially if the person receiving itdoes not have a Cable ONE e-mail account, as in the case of theBrookhavenite who provided his copy to The DAILY LEADER.

Cable ONE representatives identified the e-mail as a phishing scam,pointing out the company never asks for personal or accountinformation in e-mails.

The Mississippi Attorney General’s Office warns people to neverreply to such e-mails and certainly don’t click the hyperlink,pointing out that legitimate companies will never seek personal orfinancial information in an e-mail format. E-mails containing fileattachments should likewise be avoided, and virus scanning softwareshould be kept up to date.

Anyone who may have fallen victim to such scams is urged to callthe office’s Consumer Protection Division at 800-281-4418.