The IRS warned users of fraudulent emails that request users visit a web site and disclose personal information. Here is a screenshot of a version of the scam we just received:
Notice that the “Click here” link provides a non-IRS link (the ads.lynchburg.net-redirected website is now down), which redirects to a server in the .de domain (in Germany). The stimulus payment logo is linked directly to the irs site, however, making the email itself look official. This email is another example of carefully crafted “phish”.
Always take careful consideration when reviewing email requesting sensitive information from you.
