Are you a new user?

print   email   Share

The IRS Scam Is Back: What To Look For

The Internal Revenue Service (IRS) warns consumers to watch out for IRS impersonation attacks, which are spreading malware across the U.S.

These spam emails masquerade as legitimate emails from the IRS. They come from a spoofed IRS email address and the subject line may read, "Automatic Income Tax Reminder" or "Electronic Tax Return Reminder."

Victims who click on the link in the email are directed to a spoofed IRS.gov site that contains fake information about the individual's tax refund, return, or account.

The email contains a "one-time password" or "temporary password" to access the files that the user needs to submit a request for a tax refund or for additional information, according to the scam message. What the files actually contain is malware.

The goal of the fraudulent IRS emails is to install malware onto the computers and devices of their victims. The hackers can then control the device or use software that tracks keystrokes to steal the user's login credentials to sensitive accounts.

Unfortunately, this attack is working, whether it is tax season or not. The IRS says the cybercriminals are using dozens of compromised websites and web addresses that make the messages look like they come from IRS.gov. As a result, the IRS says the scam is "a challenge to shut down." Tara Seals "IRS Impersonation Attacks Spread Malware Nationwide" threatpost.com (Aug. 26, 2019).


The IRS and other government institutions will never email you to ask you to submit personal information online.

If you receive an email requesting personal information from the IRS, another government agency, or even your financial institution or other organizations you work with, it may well be a phishing scam.

Keep in mind that many spam emails, including the spoofed emails claiming to be from the IRS, look legitimate. Having an irs.gov or other organizational email address does not guarantee that the email is real. Hackers can break into official accounts to send their fraudulent email messages.

In addition, emails that contain information about you, such as your name or address, are not legitimate simply for that reason. Hackers often gather enough information about their victims to make their spam emails appear more authentic before asking for the remaining information they need to steal your identity.

Always assume that even legitimate looking email messages or messages from someone in your contacts could actually be cybercriminals trying to steal your information. Look closely for signs of spoofing, including misspellings, grammar mistakes, and the email address being slightly off.

Often, phishing emails threaten the user with harm in order to solicit a reaction. For example, an email claiming to be from the IRS may say that you could be arrested for tax evasion if you do not reply in a timely manner.

On the other hand, cybercriminals may try to get you to respond by promising you money if you do. Therefore, IRS scam emails could say that you are entitled to a tax refund if you provide certain information.

You can reduce your risk of receiving spam emails by enabling your email spam filter. However, do not make the mistake of assuming that an email in your inbox is safe just because you have a spam filter. Some sophisticated spam messages can get past even the best filters.

If you get an email claiming to be from an official organization or government agency, do not call the number on the email. Instead, independently look up the number to call and use it instead.

Finally, your opinion is important to us. Please complete the opinion survey: