116 West 23rd Street, Suite 500, New York, NY 10011 • Tel (646) 827-4257 • info@arpearlmanlaw.com
28 03, 2010

Another bogus email pretends to be from IRS

By |2020-02-12T14:20:18-05:00March 28th, 2010|Internet tax scam, phishing|0 Comments

Criminals who dress up as cops sometimes get a whole lot of crimes done. Similarly, internet email scamsters have been pretending to be the Internal Revenue Service for a while as well.

In this scam, a criminal sends an email which is supposed to look like it’s from the IRS. This fraudulent email asks you to click on a link to review your account, get a refund, or something, but the goal is actually to extract from your personal information, by which your identity can be stolen, or to commit some other nefarious crime which will only hurt you (like perhaps to take control of your computer and use it as a zombie bot which becomes an unwitting conduit for spam).

(more…)

28 02, 2010

Russian Con-Artist Faked “File Free” Tax Return Websites, Stole Refunds

By |2020-02-12T14:20:19-05:00February 28th, 2010|Data Security, Identity Theft, Tax Crimes, Tax Refund|0 Comments

Marketing experts say that there are few words as powerful to persuade as “free.” One enterprising scamster took that concept and ran with it to steal unsuspecting taxpayers’ tax refunds.

While living in sunny San Diego, Maxim Maltsev of Russia, blended the persuasive power of the word “free” with the fact that the IRS has a free electronic tax return filing program, and harnessed the awesome reach of the Internet, to steal tax refunds owed to ordinary taxpayers, looking to get their returns prepared and filed as quickly, easily and cheaply as possible.

Maltsev admitted in federal court in California that he was part of a conspiracy to obtain federal income tax returns requesting refunds before they were electronically filed with the IRS.

The success of the scheme depended upon taxpayers being fooled into using apparently free electronic tax return filing services which were, in fact, fake.

(more…)

9 09, 2009

New Scam Email Claiming to be From IRS is Fake

By |2020-02-12T14:20:19-05:00September 9th, 2009|Identity Theft|0 Comments

The Internal Revenue Service flatly states about its own practices: “The IRS does not send taxpayers e-mails about their tax accounts.”

So, if your email in-box has a message saying that its from “Internal Revenue Service [no-reply@irs.gov]” with a subject line of “Notice of Underreported Income” you  can know, from the start, that this message is a fake.

This message is apparently being sent to gazillions of email addresses.

The text of one I received today reads as follows:

Taxpayer ID: arp-0000174073547US

Tax Type: INCOME TAX

Issue: Unreported/Underreported Income (Fraud Application)

Please review your tax statement on Internal Revenue Service (IRS) website (click on link below):

review tax statement for taxpayer id: arp-0000174073547US

Internal Revenue Service

This is plainly a fake, and a scam, probably designed to steal the recipient’s identity, or install malicious software on the recipient’s computer.

Steve Ragan of The Tech Herald (thetechherald.com) reports that this bogus message is being sent out at a rate approaching 90,000 an hour, and that the goal of it is, in fact, to trick computer users to install malicious software onto their computers.

So the quick thought here: don’t fall for it, don’t click on the link in this bogus email which is designed to do harm.

12 08, 2009

American Express Cardholders’ Personal Information Stolen by Insider

By |2020-02-12T14:20:19-05:00August 12th, 2009|Data Security, Identity Theft|2 Comments

One former employee of American Express has taken its slogan, “Don’t Leave Home Without It,” to a new extreme.

Not only did he or she feel (presumably) obligated to carry his (or her) own card (assuming he or she was a cardholder), but also this ex-employee stole account information of other cardholders, so that the don’t-leave-home-without-it security blanket of one’s own card might be multiplied by that of all the other people’s cards whose information this ex-employee stole.

Unfortunately, for the ex-employee and fortunately for all the other cardholders, this scheme was uncovered and the ex-employee caught. (Question: was the ex-employee still actively employed by American Express at the time he or she was caught?)

Today, some American Express cardholders received a letter with the not-very-encouraging opening sentence:

“I am writing to inform you of an unfortunate issue concerning your American Express Card.”

American Express then explained what it meant by an “unfortunate issue”:

“We recently learned that certain account data was acquired without authorization by an employee who is no longer with the company”

Translation to plain English: when the former employee “acquired” “account data” “without authorization” he or she stole personal information of American Express customers which might be used to fraudulently charge their cards.

According to American Express, the rogue ex-employee stole data stored on the magnetic stripe on the back of the customers’ American Express card:

  • the card holder’s name,
  • account number,
  • card’s expiration date,
  • PIN number
  • card holder’s state of residence, and/or
  • card holder’s residence zip code.

American Express’s bad-news letter, apparently searching for a silver lining, stressed that the card holder’s social security number was not among the stolen information.

In a telephone call with American Express today, a representative named Patty,  gave more information:

  • The alleged perpetrator was arrested in Phoenix, Arizona on June 24th, 2009.
  • The stolen information was downloaded to a laptop computer.
  • The case is being prosecuted in federal court, not state court.
  • Identifying information about the perpetrator (i.e., name, gender, position at Amex when in its employ, job position, title and his or her responsibilities) was not available to the American Express representative with whom I spoke.
  • Amex has hired an outside security firm to assist it in dealing with this case (it is not clear who that outside firm is or what it is doing for American Express, but, but Amex has definitely hired somebody to do something).

American Express’s representative stated today that the number of accounts which were affected by this security breach and theft was unavailable.

Later in the same conversation she said that “very few” accounts were affected. But still, the American Express representative did not have any more detailed information to describe how many affected accounts qualified as “very few.”

Internet searches for additional information about this security breach have yielded nothing, so far. Searching the website of the United States Department of Justice for the US Attorney’s Office in Phoenix also showed nothing. No press releases regarding arrests, arraignments, indictments or anything else.

Go to Top