Fwd: WSLabs, Phishing Alert: Internal Revenue (FAO Todd Towles)

[n3td3v <xploitable () gmail com>]

Heres proof I have infulence over the biggest of corporations!

---------- Forwarded message ----------
From: Websense Security Labs <DoNotReply () websensesecuritylabs com>
Date: Dec 15, 2005 6:40 PM
Subject: WSLabs, Phishing Alert: Internal Revenue Service
To: xploitable () gmail com


Websense(r) Security Labs(TM) has received reports of a new phishing
attack that targets American taxpayers and claims to be the Internal
Revenue Service. Users receive a spoofed email message, which claims
they may access and track their tax refund information online. Upon
clicking the link in the email, users are taken to a fraudulent
website. The fraudulent website prompts users for their first and last
name, social security number, mailing and email address, credit card
number, CVV2, and ATM pin.


This phishing site is hosted in Italy and was down at the time of this alert.

Phishing email:

*Subject:* Refund notice

You filed your tax return and you're expecting a refund. You have just
one question and you want the answer now - Where's My Refund?

Access this secure Web site to find out if the IRS received your
return and whether your refund was processed and sent to you.

**New program enhancements** allow you to begin a refund trace online
if you have not received your check within 28 days from the original
IRS mailing date. Some of you will also be able to correct or change
your mailing address within this application if your check was
returned to us as undelivered by the U.S. Postal Service. "Where's My
Refund?" will prompt you when these features are available for your
situation.

To get to your refund status, you'll need to provide the following
information as shown on your return:

* Your first and last name

* Your Social Security Number (or IRS Individual Taxpayer

Identification Number)

* Your Credit Card Information (for the successful complete of the

process)


Okay now, **Where's My Refund

<LINK DELETED>

Note: If you have trouble while using this application, please check
the Requirements
<http://www.irs.gov/individuals/article/0,,id=96582,00.html> to make
sure you have the correct browser software for this application to
function properly and check to make sure our system is available
<http://www.irs.gov/individuals/article/0,,id=141231,00.html>.

Phishing screenshot available with full alert.

For additional details and information on how to detect and prevent
this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=372



=-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-
Websense Security Labs discovers and investigates today's advanced
internet threats and publishes its findings enabling
organizations to best protect employee computing environments from
increasingly sophisticated and dangerous internet threats.


To unsubscribe: http://www.websensesecuritylabs.com/unsubscribe
FAQs: http://www.websensesecuritylabs.com/about/
Download a free 30 day trial: http://www.websense.com/downloads/SecurityLabs/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/