Surge in Email, Phishing and Malware Schemes
When identity theft takes place over the web (email), it is called phishing.
The IRS has issued several alerts about the fraudulent use of the IRS name or logo by scammers trying to gain access to consumers’ financial information to steal their identity and assets.
Scam emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. These phishing schemes may seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information.
Be alert to bogus emails that appear to come from your tax professional, requesting information for an IRS form. IRS doesn’t require Life Insurance and Annuity updates from taxpayers or a tax professional. Beware of this new scam.
Variations of these scams can be seen via text messages. The IRS is aware of email phishing scams that include links to bogus web sites intended to mirror the official IRS web site. These emails contain the direction “you are to update your IRS e-file immediately.” The emails mention USA.gov and IRSgov (without a dot between “IRS” and “gov”), though not IRS.gov (with a dot). These emails are not from the IRS.
The sites may ask for information used to file false tax returns or they may carry malware, which can infect computers and allow criminals to access your files or track your keystrokes to gain information.
For more details, see:
- IRS Warns Seniors to Beware of Calls by Criminals Impersonating the IRS
- Phishing Remains on the IRS “Dirty Dozen” List of Tax Scams for the 2017 Filing Season
- Consumers Warned of New Surge in IRS Email Schemes during 2016 Tax Season; Tax Industry Also Targeted
- IRS warns taxpayers of a phishing scam targeting Washington D.C., Maryland and Virginia residents where the email scammers are citing tax fraud and trying to trick victims into verifying “the last four digits of their social security number”
Unsolicited email claiming to be from the IRS, or from a related component such as EFTPS, should be reported to the IRS at phishing@irs.gov.
For more information, visit the IRS’s Report Phishing web page.