- Rep. Luis Gutierrez: Senate Dems wary of immigration politics
- Summer camp for 1 percenters: Sushi, limos and shopping at FAO Schwarz
- Colorado gun crackdown law found to be built on faulty data
- Hank Aaron steps to fundraising plate for Democrat Michelle Nunn
- ISIL terrorists blow up burial site of Jonah, vow more of same
- Impeach Obama, say 35 percent in new poll
- Taliban yank 14 Shiites off bus, bind and shoot them on Afghan road
- Obama takes aim at ‘corporate deserters’
- Dick’s Sporting Goods lays off 478 PGA golf pros
- Senators: Cease-fire must allow Israel to defend against rockets, tunnels
Scammers impersonate FTC, IRS
Question of the Day
The federal agency charged with protecting consumers from Internet scams now finds itself wrapped up in one.
Identity thieves have sent thousands of bogus e-mails purporting to be from the Federal Trade Commission — as well as the Internal Revenue Service and Justice Department — in an attempt to trick consumers into divulging personal financial information.
The agencies are the latest institutions to be exploited in "phishing" scams, long the bane of large banks and credit-card issuers.
Analysts who track online crime say that while financial institutions are still the most commonly hijacked brands, the use of federal agencies in the hoaxes is increasing and reflects criminals' desire to take advantage of the familiarity and authority of various government departments.
Phishing typically involves sending fraudulent e-mails that include links that direct recipients to fake Web sites where they are asked to input sensitive data. Phishers also may include attachments that, when clicked, secretly install "spyware" that can capture personal information and send it to third parties over the Internet.
Criminal gangs in the United States and overseas use the information to steal thousands of dollars from consumers or to sell their identities in what analysts describe as a sophisticated underground economy surrounding identity theft.
The FTC said last month that corporate and banking executives, among other consumers, have received fake e-mails with spyware attachments purporting to be from the agency.
The Treasury Department, meanwhile, said June 27 that it had received more than 23,000 complaints about IRS-related phishing scams since an investigative arm of the department began tracking them in November 2005.
The scams have been "unprecedented both in terms of sophistication and the volume of reports we have received," said J. Russell George, Treasury inspector general for tax administration.
Michelle Lamishaw, an IRS spokeswoman, said most of the hoax e-mails tell recipients they are under investigation or that they have a tax refund pending. Some are more sophisticated, including those targeted to small businesses that mention obscure agencies such as the California Franchise Tax Board.
Government officials said recipients of such e-mails should be suspicious of their origin for one simple reason: Federal agencies rarely communicate with citizens over e-mail.
Lois Greisman, associate director of the FTC's division of marketing practices, said, "We are the agency that brought you the Do Not Call Registry and Can-Spam," she said, referring to a 2003 law restricting commercial spam. "We're not likely to send out unsolicited e-mails."
Phishing surfaced early this decade and took off in 2003, said Peter Cassidy, a spokesman for the Anti-Phishing Working Group. The group is a consortium of corporations, banks, software providers and law-enforcement agencies whose members include EBay Inc., Microsoft Corp. and Yahoo Inc.
The scams are still growing rapidly: The number of phishing Web sites jumped to 37,438 in May, the group said in a report released July 8, more than triple the 11,976 reported in May 2006.
Phishing can carry significant economic costs for the victims and rewards for the perpetrators. Jeff Fox, technology editor at Consumer Reports, said that in September his group estimated consumers had lost $630 million to phishing scams in the previous two years.
A recent report from the Government Accountability Office, Congress' investigative arm, put the figure at $1 billion annually.
Despite efforts to educate the public about the dangers of clicking on unknown links and attachments in spam e-mail, many computer users still do so.
Consumer Reports estimates that 8.2 percent of online households have submitted personal information in response to fraudulent e-mails in the past two years, Mr. Fox said. "It's astounding."
Second- and third-stringers eye 2016 if front-runner stumbles
- 'We're coming for you, Barack Obama': Top U.S. official discloses threat from ISIL terrorists
- Obama orders Pentagon advisers to Ukraine
- NAPOLITANO: What if our democracy is a fraud?
- Michelle Obama says money in politics is bad, asks donors for 'big, fat check'
- Hamas rejects Kerry's call for cease-fire; Fears grow others could join fight against Israel
- Presidents of Honduras, Guatemala blame U.S. for border children crisis
- PRUDEN: The Democratic-wannabe mice under Hillary Clinton's feet
- Crime-ridden U.S. cities differ on ways to fight gun violence
- Let it roll: D.C. Council hits Las Vegas on taxpayer's dime, leaves $14,000 tab
- Obama takes aim at 'corporate deserters'
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world
Fighting in Iraq