It isn’t often that we receive private communication from the Internal Revenue Service. Now they’re sending out email. Or, are they?
Phishing is a sport my father never got involved in, though it still requires hook, line, and sinker. And bait. Phishing is defined as the activity of defrauding an online account holder of financial information by posing as a legitimate company.
Think of fishing and phoney combined. Hence, phishing.
Today’s latest phishing episode comes from the IRS. As in Internal Revenue Service. Do people who fall for such scams ever wonder how the IRS got their email address in the first place, but don’t know their first or last name?
It takes someone stupid to be tricked by someone smarter, though there seems to be more of the former than of the latter. In this case, the latter group wins.
My message from the IRS was rather straightforward:
Internal Revenue Service (IRS)
United States Department of the Treasury
After the last annual calculations of your fiscal
activity we have determined that you are eligible
to receive a tax refund of $184.80.
Please submit the tax refund request and allow us
6-9 days in order to process it.
A refund can be delayed for a variety of reasons.
For example submitting invalid records or applying
after the deadline.
To access the form for your tax refund, use the following
Internal Revenue Service
If a few million messages like that are sent, a few dozen recipients might be willing to cough up some kind of personal information. Social security number. Credit card number. Whatever.
Stupidity can’t be fixed.
In this case, the link provided doesn’t actually work. It’s not a real Internet URL so no one was in danger. Stupidity banking on stupidity usually doesn’t work.