"You can help shut down phishing schemes"
This one is a serious post. This was sent to us where I work by our IT department. Seeing as I work for a government tax administration agency, I'd classify it as reliable. Send this story to a friend or colleague The IRS has issued several consumer warnings on the fraudulent use of the IRS name or logo by scamsters trying to gain access to consumers' financial information in order to steal their identity and assets. This type of scam is called phishing. Since November 2005, the IRS and TIGTA (Treasury Inspector General for Tax Administration) have identified at least 34 spoof Web sites connected to phishing e-mails claiming to have come from the IRS. The IRS and TIGTA have received more than 4,300 contacts from e-mail recipients either asking if the contact was legitimate or having already recognized it as bogus, alerting us to the scam. These scams have originated from at least 20 different countries. "The good news is you can help shut down phishing schemes," says Susan Boehmer, Chief of the Identity Theft Program Office. "The IRS does not initiate contact for personal information by e-mail. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, phishing@irs.gov. The complete information and instructions of how to forward the e-mails are located on IRS.gov," added Susan. It is necessary that the public follow instructions provided on the Web page for sending the bogus e-mails to ensure that they retain critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to every message received at phishing@irs.gov. This is just some of what is going on in the Identity Theft Program Office. The office has also issued two flyers that provide information about identity theft; Publication 4524, Security Awareness and Identity Theft and Publication 4523, Beware of Phishing Schemes. More information about identity theft can be found on the internet at: http://www.ustreas.gov/tigta/ http://www.ustreas.gov/tigta/docs/phishing_alert_2006.pdf Non-government Groups interested in saving your Identity: http://www.epic.org/ http://www.privacyrights.org/ If you have any questions or concerns, please contact the DOR Help Desk. DOR Help Desk Wisconsin Department of Revenue Phone:xxx-xxx-xxxx Fax: xxx-xxx-xxxx Email: xxxxxxxx@xxx.xxxxx.xx.xx Figured I'd post it as a public service announcement.

I often forward this sort of thing to the businesses being phished but often the websites of those businesses don't have an email address for that sort of thing. Drives me nuts. I'm glad to have this one...I'll use it.

Just got my first one today. I handed it off to my network guy and he's all over it.

Your network guy might be able to shut down where they're coming from, but the IRS has the teeth to legally maul whoever is doing it. Might want to report it to them, too.

Another warning on a different scam, from our IT people: This warning is intended for users of American Express cards and those interested in general internet scam information. If you are not an American Express card user and you are not interested in this topic, please feel free to delete this email. American Express has announced that a virus may be targeting their web site. If your PC is infected with the virus it will wait until you browse to AmericanExpress.com and then it will display a pop up window asking for personal information. If you enter that information it will be sent to a 3rd party that may try to steal your identity. For more information on this virus, please click on this link. (link removed) If you have any questions or concerns, please contact the DOR Help Desk. DOR Help Desk Wisconsin Department of Revenue Phone: xxx-xxx-xxxx Fax: xxx-xxx-xxxx Email: xxxxxxxx@xxx.xxxxx.xx.xx Sorry, link and contact info removed because they're an internal support section only. Additional info at the removed link is as follows: ALERT VIRUS ALERT: This warning is intended for users of American Express cards and those interested in general internet scam information. If you are not an American Express card user and you are not interested in this topic, please feel free to delete this email. American Express has announced that a virus may be targeting their web site. If your PC is infected with the virus it will wait until you browse to AmericanExpress.com and then it will display a pop up window asking for personal information. If you enter that information it will be sent to a 3rd party that may try to steal your identity. The screen in question looks like this: As a general rule of thumb you should never enter personal information such as SSN or Date of Birth unless you are expecting to do as a part of an application for credit, or initial sign up process. If your are asked for personal info and it is not a part of initial sign up or credit application or if you are ever in doubt, you should contact the company direct by phone (use the # from the back of your credit card) and either offer the info over the phone or at least verify that they have a legitimate reason for requesting personal information on their web site. If you have visited AmericanExpress.com and you did received the above screen please contact them immediately at the number listed on the back of your credit card. In addition it is always good practice to: 1) Use an antivirus software on your home PC and keep the software up to date with the la-*test*-('") virus definitions 2) Never click on links in response to email 3) Always ask “why do they need this” when ever a site or some one asks you for personal information 4) Do not open unexpected attachments without verifying the validity with the sender. Just because the email says the attachment has pictures of Britney Spears or Free Disney Tickets doesn’t mean that that the attachment really does. To help protect your personal information consider the following: Fraudsters often create a sense of urgency to provoke you to take action immediately. There is no need to respond instantly to an email request. 1) First, consider carefully whether the business in question would have sent you the request Did you sign up to receive marketing emails from the company? Did you sign up to receive emails notifying you of actions relating to your account (such as your monthly statement is available)? Are you able to locate the information by going directly to the company’s website? If you are in doubt as to whether or not an email is legitimate, do not respond to it. 2) If you wish to validate whether the communication is valid, a safe alternative is to contact the company directly through familiar channels, such as: Log into the secure message center of the company's website and send an email regarding your inquiry. Contact the phone number provided on your billing statement or credit card. 3) If you make the decision to submit sensitive information on a website, ensure that the site is secure (https). HTTPS means that the URL is secure by the use of Secure Socket Layer (SSL) technology protocol. If you have any questions or concerns, please contact the DOR Help Desk. DOR Help Desk Wisconsin Department of Revenue Phone: xxx-xxx-xxxx Fax: xxx-xxx-xxxx Email: xxxxxxxx@xxx.xxxxx.xx.xx