Irish Govt warns of Revenue phishing attack

21 Oct 2010

The Department of Foreign Affairs has warned there is a bogus email doing the rounds that looks like a genuine communication from the Revenue Commissioner seeking personal information, including passport details from taxpayers.

The email, which links to an authentic-looking Revenue Commissioners website, comes with heading: “You are eligible to receive a tax refund!”

“The email asks the recipient to submit personal details, including passport information. This email did not issue from the Revenue Commissioners or from the Department of Foreign Affairs.

“The Department of Foreign Affairs never sends emails which require customers to send passport numbers or passport expiry dates via email or pop-up windows.

“Anyone who provided passport information in response to these emails should make contact with the Passport Service at +353 1 671 1633 or LoCall 1890 426 888,” the Department of Foreign Affairs said.

Phishing pattern

“While it is not clear who is behind these latest bogus emails, they follow a pattern which is all too familiar with these ‘phishing’ incidents,” said Dermot Williams, managing director of Threatscape.

First of all, the perpetrator wants to entice the recipient to click the link to their website. They typically do this by appealing to emotions – scare tactics, a mention of urgency, or a suggestion that doing so is in the recipient’s interest – in this case, their financial interest.

Secondly, although the website linked to is bogus, it presents a convincing replica of a site the recipient might trust with confidential personal data – a bank, government agency, and so on. And thirdly, the website in this incident does request personal data from the recipient.

“A fraudster armed with your passport and bank details – as is sought in this instance- has both the motive and the means to attempt a financial crime against you. The solicitation of passport details is of particular concern, and anyone affected should contact the Passport Service.”

“Threatscape reminds internet users that legitimate financial and government agencies almost never send unsolicited email requests for confidential personal data. Also, web links in email messages may not actually direct you to where they purport to – but rather they may link to a fake ‘phishing’ site.

“Such a site may attempt not only to gather personal data from unsuspecting victims, but also to install malicious software on their computers. Users are urged to maintain continued vigilance against phishing scams, and to treat all unsolicited email with a healthy dose of scepticism,” said Williams.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years