IRS Warns of New Email Scam Targeting Taxpayers

SHARE

The Internal Revenue Service (IRS) has issued a warning about a new email scam in which malicious unsolicited emails are sent to taxpayers from fake IRS email addresses.

The emails contain a link to a spoofed IRS.gov website that displays fake details about the targeted recipient’s tax refund, return, or account. The emails instruct the recipient to access their refund information by entering a provided password on the spoofed website. By entering the password, the victim unintentionally downloads malware on their system that could enable the attacker to obtain sensitive information.

CWA Tax Director Kristina Yarbrough warns, “The IRS does not initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. You need to be very skeptical if you receive any email communication from a sender claiming to be the IRS and should assume it is a scam.”

The U.S. Department of Homeland Cybersecurity and Infrastructure Security Agency (CISA) offers tips on how to avoid social engineering and phishing attacks:

 – Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about personal or internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
– Do not provide personal information or information about your organization unless you are certain of a person’s authority to have the information.
– Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
 – Don’t send sensitive information over the internet before checking a website’s security.
– Pay attention to the Uniform Resource Locator (URL) of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
– If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information.
– Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.
– Take advantage of any anti-phishing features offered by your email client and web browser.

If you feel you have verified the authenticity of the sender according to the tips above, and still have questions, notify the IRS at phishing@irs.gov or reach out to your CWA planner.

Cain Watters is a Registered Investment Advisor.  Cain Watters only conducts business in states where it is properly registered or is excluded from registration requirements. Registration is not an endorsement of the firm by securities regulators and does not mean the adviser has achieved a specific level of skill or ability.  Request Form ADV Part 2A for a complete description of Cain Watters investment advisory services. Diversification does not ensure a profit and may not protect against loss in declining markets.  Past performance is not an indicator of future results. 

LIKE THIS ARTICLE? HERE ARE OTHERS YOU MIGHT LIKE.

GET THE LATEST NEWS AND INFORMATION IMPACTING YOUR PRACTICE.
Email will be used in accordance with our Privacy Policy

CATEGORIES

All
Categories

TOP POSTS

CONNECT WITH US