Current Status

This blog is not frequently updated because most case-by-case scam reports are now listed in subordinate blogs. At this point in time, most of my efforts are targeted at documenting employment scams in the Suckers Wanted blog.


Phish of the Day: The Internal Revenue Service

I don't usually post about phishing, since it's pretty old hat, fairly common, and covered by other specialists anyhow. This particular instance was sufficiently interesting to write about, however. It's an attempt to obtain credit card details (including the CCV code) under the pretext that you're due a tax refund. I've attached a screenshot of the phishing site as rendered in my browser.

This particular phish is hosted on a compromised webmail server in China. The URL is, but note that the "caseid" value is not significant in any way -- it's just a red herring. The three dots immediately following the server name designate a directory that is normally hidden (and could easily be overlooked if not hidden). It looks a little conspicuous in a URL, however, and if these folks ever check their log files, they'll pick it up. Certain parts of the page so loaded do refer to the IRS website, and some content is obtained that way, so the IRS folks will be aware of this already if they're paying attention to their own server logs.


Anonymous said...

Yup, just got one.

These need to be punished as felonies and a $100,000 per incident with 50% of the monies going to the host country if they assist in the apprehension of the phisher.

Spotter said...

I haven't investigated the new website, but there is indeed a new IRS phish going around. My copy was as follows, where the "click here" part linked to

---------- Forwarded message ----------
From: Internal Revenue Service <>
Date: 12 Oct 2007 04:31
Subject: Notification: Please request your refund.

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $268.32.
Please submit the tax refund request and allow us 3-4 business days in order to process it.

A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.

To access the form for your tax refund, please click here

Internal Revenue Service

© Copyright 2007, Internal Revenue Service U.S.A. All rights reserved.