This is the time of year when many people travel. We have received a lot of questions recently about the latest email security threat: a new wave of "phishing" emails that are based on flight information notifications.
The emails vary, but as an example, one of the emails we looked at had a subject of "Your Flight Order" and some official looking numbers, with the content of the email containing the flight number, date and time of departure, airport name, price, and then a link to print the ticket. This link looks innocuous, but it actually goes to a foreign web site set up to steal information from you, or infect your system with malware.
What a lot of people may not know is that a link in an email can say anything, and be coded to go to an entirely different location. The "bad guys" are basically trying to get you to click on the link. You may have travel plans and quickly click on the link because you think it's your real ticket, or you may be curious because you think your credit card may have been breached ("who bought this ticket and why am I getting the notification?"). With "social engineering" the emails look familiar, so people unknowingly click on the links. Other recent phishing scams involved package shipment notifications and ACH bank transfer notifications. Because the actual text of the email is innocuous, these scams will often get through spam filters when the new wave first appears, until the spam filter definitions catch up.
Delta airlines has a link on their web site alerting folks about the phishing email alert if you want to read more. The US Computer Emergency Readiness Team (CERT) has a posting on their website of a number of holiday phishing and malware threats. The Federal Trade Commission's Phishing Scam Page also has a lot of excellent information about how to protect yourself form on-line threats.
ALWAYS be aware when reading your mail. Don't click on any links in emails that are questionable.
Many of our clients have expressed concern after receiving intimidating emails they thought were from the IRS. Phishing scams seem to come in waves, and the most recent wave we're seeing involves fake messages such as "your federal tax payment has been rejected". If you look closely at the message, the emails are typically from a random address with a name that doesn't even match the email address. Identity theft is the typical goal of these messages as they try to entice you to go to a web site to enter personal and financial information.
The IRS website explains their policy on email and has a lot of information regarding a wide variety of scams such as fake refund information. "Generally, the IRS does not send unsolicited e-mails to taxpayers. Further, the IRS does not discuss tax account information with taxpayers via e-mail or use e-mail to solicit sensitive financial and personal information from taxpayers. The IRS does not request financial account security information, such as PIN numbers, from taxpayers."
Rest assured that you are not being personally targeted even though it feels like it because the message winds up in your inbox. Anyone with an email (phone or fax) can randomly become a target. The message looks intimidating, but its just a fake. The messages are specifically designed to get through spam filters because the sender addresses are random (spoofed), and the content contains official sounding language that wouldn't normally be flagged.
What should you do if you get an email like this? Report the sender by forwarding the suspicious e-mail or url address to the IRS mailbox email@example.com, then delete the e-mail from your inbox.