Symantec: More phishers impersonate government

People probably trust sites that look like government Web pages more than commercial ones, an expert said.

More cybercriminals are pretending they are government agencies to fool people into providing confidential information or downloading malware, a security expert said today.

More phishing scams involve impersonating the Internal Revenue Service, especially during tax season, said Alfred Huger, senior director at Symantec Security Response, the company’s division that hunts for and cures viruses.

One scam requires people to provide personal information on a convincing replica of the IRS Web site to learn the status of their tax refunds, Huger said. Another requires users to fill out a personal information form to collect their refunds.

Huger said he has seen at least 50 instances of phishers using the IRS scam. If a scam appears more than once, it means cybercriminals are making money with it, he said.

Until now, phishers have concentrated on impersonating commercial organizations more than government ones, Huger said. But that is changing, he said. He expects more phishing attacks to use federal, state and local government bodies as masks for their activities.

“There’s probably a higher level of trust when hearing from the government than from eBay,” he said.

The IRS warns consumers about phishing scams at www.irs.gov/newsroom/article/0,,id=151065,00.html.