This summer the IRS sent out a notice that in one month alone they received 1300 reports of bogus emails claiming to have been sent by them. They were all examples of typical phishing type emails. In these emails a party claiming to be a party you trust (or perhaps in this case, fear) claims that for some legitimate sounding reason, they need you to click on a link and confirm details about yourself such as your full name, address and account number. Sometimes they even ask for your social security number.
The fact of the matter is that absolutely no business will do this if their legal team is on the ball. Even if you tell them you want them to. (I’ve tried.) Just the fact that you have received an email like this should throw up a red flag. Even that link you click on can take you somewhere you don’t expect. The same technology that allows me to make a link out of words allows someone else to make a link look like it goes to your bank site that really goes somewhere else. If you receive bills electronically, you may notice that some companies address this by telling you what website to go to without making it a clickable link.
These are things that everyone should already know if they have any kind of online identity from a simple email account on up to webmaster. So why do they still bother sending these emails out? Because people still fall prey. There are, likely, still some people who don’t know that businesses will not contact you through email for this kind of information. Their method of choice is, of course, mail. But does that account for everyone?
Most likely the problem is that we really aren’t paying much attention. We get an email that looks official at first blush from someone we trust, so we do what it says without really thinking about it.
Paying more attention to any email asking us to do something is important these days. Check the email over. Is it asking for something that the sender should already know? Are there odd spelling errors? Many of these emails come from overseas from people who don’t speak English fluently or they speak another dialect of English, so strange grammar or spelling could be a sign of a phishing email. When you click on a link, check to see where it takes you. Once I got a cleverly worked spam where the link they were using was one letter off from the legitimate site.
Bottom line, pay attention and if you aren’t sure, contact the company or government agency the email is claiming to come from.
For more information on who from the IRS may be contacting you and about what, check out this news release.
You can learn more about Phishing at these sites:
http://www.irs.gov/pub/irs-pdf/p4523esp.pdf
http://www.microsoft.com/athome/security/email/phishing.mspx