phishing for tax refunds

Taxpayer beware: the dark side of the ‘net is leveraging your unquenchable thirst for a refund by teasing you with a slightly-less-than-convincing email message, like so:

[Image: Inbox (936 messages, 4 unread)]

If the mere fact that you received an email from the Canada Revenue Agency doesn’t convince you this is bunk, and you click on the “click here>>>” link, here’s what you’ll get:

[Image: Suspected Phishing Site]

So, sorry humble taxpayer, no $386 for you today.

But, I was just wondering…

Where does this message come from, and why should it be trusted?

The links on the page lead to Google resources about phishing. It appears that Google itself plays a part in the transaction that led to this message, perhaps as a reference point. The company maintains a blacklist of suspected phishing and malware pages, and offers an API that developers and service providers can use to access that information.

If the above message is, indeed, generated by the Google Safe Browsing API, then I’d say they need to work on their communication a bit. The message itself feels fraudulent and untrustworthy. If Google is acting as the authority for the blacklist, then they need to put their name on this message as an indication of authenticity and to provide assurance to browsers that the block is legitimate.

Of course, I won’t debate the value of a malware and phishing blacklist, but this manifestation of its pragmatic purpose is very user-unfriendly.