Rare Book Monthly
Articles - September - 2006 Issue
A New "Phishing" Expedition No One Should Believe
Fake IRS form asks for every pertinent piece of data that could be used to steal from its victim.
The email then offered me a link to the form necessary to obtain my refund. You should never click such links in an email. Never. Violating this most sacred truth (though only after determining it was a link, not a download, and using a MAC computer, which is mostly virus-free), I clicked to see the form. As seen on this page (left), the form was a real IQ test. Anyone who ever fills out a form like this is either incredibly naive, stupid, uneducated, foolish, crazy, or all of these. Actually, I am all of the above, but still rational enough to see through this one. Here is what they wanted from me: social security number, name, address, birthday, credit card number, expiration date, CVV number (that three digit code on the back of your credit cards), and (this is a first) my pin number. None of these spoofs has ever had the nerve to ask for my pin before.
So think about this one carefully. Of course we all know this didn't really come from the IRS, any more than that earlier email came from late Nigerian Dictator Sani Abacha's rich widow. But what if it did? If the email really did come from the IRS, would you want to send them your credit card digits and bank account pin number? I've never had my bank account emptied by a Nigerian, but it has happened many times with the IRS. No, this is one email where, even if I believed the source was legitimate, I would not want to send them my banking information. Fill out this form and heads you lose, tails you lose. Delete immediately.
