Scammers are continuing to impersonate the Internal Revenue Service (IRS) with phishing emails designed to trick people into paying them money for supposed missed or late payments.
The fake emails are targeting Microsoft’s Office 365 platform users. It is estimated that 70,000 fraudulent emails have been sent.
Abnormal Security Researchers report
On November 10, researchers at Abnormal Security released a report detailing the scam. The IRS Impersonation Payment Fraud explains that the IRS is a popular target for spoofing email attackers. And that is the latest case the email is a more sophisticated IRS impersonation. The phishing emails are sent from a spoofed sender domain in order to try and collect fraudulent payments from the victim.
READ: How to protect yourself from phishing scams
The scammers are trying to make the emails look as real as possible. The fraudsters even spoof the origination email address to make it look credible.
For example, Abnormal Security reports that “Although the email appears to originate from the domain “irs.gov”, analysis of the email headers reveals that the true sender domain is “shoesbagsall.com.” Additionally, the “Reply-To” email is “[email protected]”, which is not associated with the IRS and instead leads directly back to the attacker.”