SA Bugzilla – Bug 6631
Suggestion for rules - certain "government" phishing attempts.
Last modified: 2019-07-08 07:22:47 UTC
1) USA: Internal Revenue Service. Key phrase: "We are unable to process your tax return" The IRS never sends this type of email. It is always a phish or a virus. The IRS does request that all copies be sent to <phishing@irs.gov>. 2) USA: "Traffic Ticket" type spam/phish. Key phrase: "UNIFORM TRAFFIC TICKET" Currently, this type of mail is impersonating New York State, but I suspect that it will evolve and include other jurisdictions (states or countries). Other phrase: "SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117" I don't know if these are being received by alot of people, but I have received 5 of the former and 1 of the latter in the past month. If someone wants to add rules for this, such would be nice. Please add them for mass checking. Sometimes, they are seen with an attachment - a zip archive with a virus inside, and sometimes, they are stand alone. Obviously, when a virus is present, one's anti-virus program should see it (unless it's extremely new).
Would it be possible for you to use the "Add an attachment" and provide a few samples (please munge recipient addresses only) ?
Created attachment 4931 [details] Sample messages As requested: Headers and HTML-stripped text.
Closing old stale bug. Probably not relevant anymore.