Notice from the IRS indicating the recipient is being penalized $10,000 for failure to file an income tax return.
Example: [Collected via e-mail, February 2012]
To Whom it May Concern,
Please be informed, that you need to pay a penalty because you did not file income tax return before January 31, 2012.
Please pay attention, that IRS [Section 6038(b)(1)] rates a monetary penalty to the amount of $10,000 for each [Form 5471] that is filed after the deadline of the income tax return, or does not comprise the careful information described in [Section 6038(a)].
You will be released from the penalty on condition that the company shows that the failure to file on time was based on ample grounds.
Please use the link below to enter our official site and obtain more information.
Internal Revenue Service United States
Department of the Treasury
Notices purporting to come from the Internal Revenue Service (IRS) make good phishing
bait for a number of reasons:
- Notices from institutions of the federal government (especially an agency with the ominous reputation of the IRS) grab people's attention.
- Unlike other phishing schemes that emulate mailings from various private financial institutions (e.g., Bank of America) and are therefore easily recognized as phony by many recipients (because they do no business with those companies), a forged IRS notice has the potential to take in a much larger pool of victims, as most adult U.S. residents have dealings with that agency.
- Many people find the federal income tax filing process complicated and confusing, so the idea that a return may have gone astray and not made it to its proper destination in time seems plausible.
A February 2012 mass phish e-mailing
took advantage of those points, spamming millions of Internet users with phony notices that advised recipients they were being penalized $10,000 each for failure to file income tax returns before a cutoff date of 31 January
2012. (The deadline
for filing U.S. federal income tax returns is actually 17 April
The IRS never sends out unsolicited e-mails
to taxpayers. When the IRS needs to contact a taxpayer, it sends notice via U.S. Mail,
and every such notice includes a telephone number that the recipient can call for confirmation. Should you need to visit the IRS web site for any reason, go there directly (by entering the www.irs.gov
URL into your web browser) rather than following links in e-mail
says about such e-mails
The IRS does not initiate taxpayer communications through e-mail. In addition, the IRS does not request detailed personal information through e-mail or ask taxpayers for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts.
Do not open any attachments to questionable e-mails, which may contain malicious code that will infect your computer. Please be advised that the IRS does not initiate contact with taxpayers via e-mails.
9 February 2012