A security flaw on a US government website has been exploited by a phishing scam claiming to be an IRS refund notification. The phishing email claims the recipient is eligible for a tax refund of $571.94. The email then tries to gain credibility by instructing recipients to copy/paste the url rather than clicking it. That's because the link actually does point to a page on a legitimate government website, http://www.govbenefits.gov. The problem is, the page being targeted on that site allows the phishers to 'bounce' the user to another site altogether.

The email used in the orginal IRS tax refund phishing scam has the following characteristics:

IRS Tax Refund Phishing Scam