Cybercriminals used the IRS website in a phishing scam because of insufficient programming.
Phishers have been sent an e-mail which informed people that are going to get a refund of $571.94 from the IRS and the receivers are asked to follow a link that goes to a forged IRS Web site that asks for a Social Security number, tax return filing code and credit card details including security code and PIN. The e-mail had link to a fraudulent web site but the link actually goes through a legitimate government Web site that only last month was promoted by President Bush.
“This is more advanced than the typical phish, because the Web link really does–at first–take you to the real tax benefit Web site,” said Graham Cluley, senior technology consultant for U.K. security vendor Sophos. “Unfortunately the way the government Web site has been configured allows the phishers to bounce the unwary in their direction.”
“It comes about because people don’t think about security during the design of their Web site. They were thinking about features,” said Russ Cooper, senior scientist at Cybertrust.
Sophos discovered this problem a few days ago and the phishing site was shut down.