Online scammers, always quick to exploit the latest news event, are sending out e-mails promising economic-stimulus package payments but that instead steal sensitive data, the US-CERT warned on Friday.
US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide personal information.
Users receiving the fraudulent email messages are encouraged to send the email message and the website URL to the IRS at phishing@irs.gov.
US-CERT encourages users to do the following to help mitigate the risks:
- Do not follow unsolicited web links received in email messages.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Avoiding Social Engineering and Phishing Attacks (pdf) document for more information on social engineering attacks.
- Review the How to Report and Identify Phishing, E-mail Scams and Bogus IRS Web Sites document on the IRS website.
The U.S. Senate was debating President Obama’s $920 million economic-stimulus plan on Friday after the House of Representatives had approved a version.
That’s one thing I learned early on… I hardly ever follow links in my email. I figure if the message is sent via email, I should be able to log in directly to a site and find it there as well, whether Ebay, my bank, or social networking sites. That’s probably the easiest way to prevent being scammed.
~ Kristi
That’s the key to keeping your personal data safe and not getting ripped off!