January to March is traditionally the time when taxpayers in the U.S. become reacquainted with their tax advisers as the mid-April “tax day” deadline looms. Unfortunately, this period has also become a time when phishing directed towards the IRS becomes more prevalent. As reported in the Symantec State of Spam report for April 2008, spammers continued to attempt to disguise themselves as the IRS, dangling an offer of a tax refund to unwitting recipients. Imagine our surprise when we observed a phishing attack using the IRS brand in November—nearly five months before the next deadline for individual taxpayers. This phishing email indicated that the recipient was eligible to receive a tax refund and directed them to a website where the refund would be processed. The fraudulent site, branded with the IRS logo, is being used as a collection tool for credit card and other personal information.The spam attack could be trying to take advantage of individuals who filed for a tax extension with an October 15th deadline and who might be looking for their tax refund. In addition, the IRS recently reported that it is looking for taxpayers who have not yet received their economic stimulus checks (checks totaling about USD $163 million were returned by the U.S. Postal Service due to mailing address errors). By law, economic stimulus checks must be sent out by December 31st of this year.So, email users beware of these attacks. "If it looks too good to be true, then it probably is!" And, as the IRS indicates on its website, it “does not initiate communication with taxpayers through email.”