I have a disturbing personality quirk. I have had it for a very long while, actually-- I don't respond well to the words "mandatory" or "required", and I don't do too well with "urgent" or "now!" either..
When someone (say, my mother) would tell me to, "get over here now", I knew I was in trouble and I would move slower than grass grows.
When a Mandatory Staff Meeting was being held (back in the days before self-employment) I was famous for always having some trick worked out that allowed me to escape attendance.. because we all know that "Mandatory Staff Meeting" translates into English as "torture session - guaranteed to drive you insane."
So, armed with that knowledge about me, you will understand why I ignored this e-mail for several days...
IRS Notification - Tax Refund - Attention Required.
.. and if you read me regularly (or, happened to catch this article) you know that when I did take an action on this e-mail, I marked it as Junk, unopened.
What?! (you say) How could I disrespect the IRS?! (you say)
Well, for one, the IRS does not e-mail you important documents (neither does your bank, or Pay Pal, or..). And, the IRS -- like almost every other Government institution -- uses "dot gov" in its URL. In fact, the Internal Revenue Service's web address is www.irs.gov.
These particular phraudsters haven't tried spoofing the URL, instead they've set up a similar looking name, hoping that I wouldn't notice.
This classic phishing attempt is using "social engineering" to try to get me to reveal information that will allow cyber-criminals to adopt my identity. It is using my conditioning (to reacting) to Authority. It is appealing to my greed. It is telling me to "act now" (or miss out). In it is a hyperlink that would take me to a very realistic-looking fake IRS website.
This phraudster, or gang, probably had a network of zombie computers send out a million of these e-mails.. because he knows that for every phishing-savvy person, who deletes at a glance, there's 3 who've never heard of phishing.
Tip of the day: Pay attention to details, and know that IRS phishing e-mails are an everyday occurrence, and an estimated 6,000 fake IRS websites are in daily operation. Don't even open e-mails you suspect may be a scam.
Yes. I'm repeating myself. But, at least a part of someone's identity is being stolen every two seconds (global) at an estimated cost to business of $25 billion a year. That's 15,000,000 victims a year.
Today's free link(s): Folks, I don't usually do this (in fact, I never have before).. but I bet you don't know that you have a heuristic bogus Website detector built right into your machine, and all you have to do is turn it on. I wrote an article on how to do that, and the link to it is here.
Firefox users have this protection as well, and it is already enabled. When you see this..
you've stumbled across a cyber-criminal's site. I have been using the new version of Mozilla's Firefox browser, Firefox 3, for a while now, and am satisfied enough to recommend it. To get it, or just read more about it, click here.
Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix
No comments:
Post a Comment