The United States Computer Emergency Readiness Team (US-CERT) has warned of a phishing scam that relates to an IRS stimulus package.
In a statement on its current activity page, US-CERT has claimed that it is aware of public reports indicating that phishing scams are circulating via fraudulent US Internal Revenue Service emails that offer users stimulus package payments.
US-CERT said: “These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide personal information.”
One recipient claimed that he had received a similar email last year that included information about the stimulus check sent out at that time, and said that the senders of the phishing email had approximated how much money the recipient received in his stimulus check – in this case $23 dollars.
As the amount was so close to what the recipient had received he almost fell for the scam, though he noticed that the sender's email address was suspicious and followed up by sending warnings to about seven different agencies including the IRS in regards to the scam.
Users who receive the fraudulent email messages are encouraged to send the email message and the website URL to a phishing email at the IRS. Meanwhile US-CERT has encouraged users to not follow unsolicited web links received in email messages and to refer to its various documents on recognising and avoiding email scams to help mitigate the risks.