Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

IRS scam now world's biggest e-mail virus problem
ComputerWorld ^ | 25 September 2009 | Robert McMillan

Posted on 9/29/2009, 5:29:31 PM by ShadowAce

IDG News Service -

Criminals are waging a nasty online campaign right now, hoping that their victims' fears of the tax collecter will lead them to inadvertently install malicious software.

The spam campaign, entering its third week now, is showing no signs of slowing down, according to Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham. This one campaign accounts for about 10 percent of the spam e-mail that his group is presently tracking, he said. "This is the most prominent spam-delivered virus in the world right now," he said.

Since first spotting the spam on Sept. 9, antispam vendor Cloudmark has counted 11 million messages sent to the company's nearly 2 million desktop customers, said Jamie Tomasello, abuse operations manager with Cloudmark. That number is "very high," she noted.

The messages typically have a subject line that reads, "Notice of Underreported Income," and they encourage victims to either install the Trojan attachment or click on a Web link in order to view their "tax statement." In fact, that link takes the victim to a malicious Web site.

The IRS says not to open attachments or click on links included in e-mail that claims to come from the tax-collection agency.

What makes this campaign particularly ugly is that the malware that accompanies the fake IRS messages is a variant of the hard-to-detect Zeus Trojan. This software hacks into bank accounts and drains them of money as part of a widespread financial fraud scheme. Researchers estimate that the Zeus criminals are emptying more than a million dollars per day out of victims' bank accounts with the software. Small businesses have been particularly hard-hit by this fraud, because banks have sometimes held them accountable for the losses.

(Excerpt) Read more at computerworld.com ...


TOPICS: Computers/Internet
KEYWORDS: spam

1 posted on 9/29/2009, 5:29:31 PM by ShadowAce
[ Post Reply | Private Reply | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

2 posted on 9/29/2009, 5:29:52 PM by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

My business e-mail address has been getting flooded with this. Sender’s address is allegedly noreply@irs.gov (but anyone can spoof a sender’s address). Subject line is always “Notice of Underreported Income”, however the ax ID number is something randomly generated. The first instance was immediately forwarded to phishing@irs.gov.

The IRS will never use e-mail medium for such correspondence. It will always be via US Postal Service.


3 posted on 9/29/2009, 5:53:28 PM by Fred Hayek (From this point forward the Democratic Party will be referred to as the Communist Party)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Fred Hayek
The IRS will never use e-mail medium for such correspondence. It will always be via US Postal Service.

Exactly. I hope more people know this as well.

4 posted on 9/29/2009, 5:54:47 PM by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 3 | View Replies]

To: ShadowAce

5 posted on 9/29/2009, 6:00:24 PM by JoeProBono (A closed mouth gathers no feet)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pharmboy

ping


6 posted on 9/29/2009, 6:01:22 PM by thefactor (yes, as a matter of fact, i DID only read the excerpt)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce; sergeantdave; Blogger; murphE; Paleo Conservative; It's me; devolve; ransomnote; ...
The messages typically have a subject line that reads, "Notice of Underreported Income," and they encourage victims to either install the Trojan attachment or click on a Web link in order to view their "tax statement." In fact, that link takes the victim to a malicious Web site.

The IRS says not to open attachments or click on links included in e-mail that claims to come from the tax-collection agency.

Ping

7 posted on 9/29/2009, 6:11:10 PM by GOPJ (IF new definition of racist is a person who disagrees with Obama-then I'm a racist and PROUD of it.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

The crooked IRS does not know my e-mail; therefore, I knew there were other crooks behind this.

I threw their address into my e-mail mulch bin never to arrive to my e-mail address again.


8 posted on 9/29/2009, 6:16:58 PM by Gatún(CraigIsaMangoTreeLawyer)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

P.S.

Thank you for information. I was wondering what other crooks were behind this scam.


9 posted on 9/29/2009, 6:19:18 PM by Gatún(CraigIsaMangoTreeLawyer)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
Exactly. I hope more people know this as well.

I'd be willing to bet that the first 5000 people lured in to this will be people who voted for 0bama. Suckers and morons, every one of them.

10 posted on 9/29/2009, 6:25:50 PM by Bloody Sam Roberts (An armed man is a citizen. An unarmed man is a subject.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: GOPJ

Why would I want to open email from the IRS? I don’t even like opening snail mail from them.


11 posted on 9/29/2009, 7:45:52 PM by Paleo Conservative (I wonder why Solomon Ortiz (TX-27) likes Muammar Gadaffi so much?)
[ Post Reply | Private Reply | To 7 | View Replies]

To: ShadowAce

Interesting, and how dumb that anyone would even open it.


12 posted on 9/29/2009, 7:53:04 PM by potlatch
[ Post Reply | Private Reply | To 1 | View Replies]

To: LibreOuMort

ping


13 posted on 9/29/2009, 8:17:56 PM by sionnsar (IranAzadi|5yst3m 0wn3d-it's N0t Y0ur5:SONY|Remember Neda Agha-Soltan|TV--it's NOT news you can trust)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Paleo Conservative

Why would I want to open email from the IRS?...etc...
= = = = = = = = = = = = = = = = = = = =
Persactly....that would be like opening an email from the “Nigerian Govt” with the subj matter “help us catch email scammers”.....
Also, anything with Love, Darling, My Dear etc etc goes straight to the zap file.....


14 posted on 9/29/2009, 8:50:47 PM by xrmusn ((6/98 )VOTE THE INCUMBENTS OUT)
[ Post Reply | Private Reply | To 11 | View Replies]

To: ShadowAce

The socialist government thieves hate competition.


15 posted on 9/29/2009, 9:13:21 PM by TexasRepublic (Obama = Jim Jones coercing us into suicide on a national scale)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
Hehehehehehehe!That's what the crooks get for scaming Americans!End the fed,end the IRS and get rid of Nobama!
16 posted on 10/8/2009, 12:19:17 AM by taxtruth (Something Really Stinks In The Federal Government and I think BO is the 1st place to start!)
[ Post Reply | Private Reply | To 1 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson