Over the past several months, the Internal Revenue Service has been alerting taxpayers to a series of e-mail phishing scams.
Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
These scams are targeting both business taxpayers, as well as individuals, and are designed to gather confidential data or infect computers with Trojan Horses.
There are several variations going around including:
- An e-mail purporting to come from the IRS advises taxpayers they can receive $80 by filling out an online customer satisfaction survey. The IRS urges taxpayers to ignore this solicitation and not provide any requested information. The IRS does not initiate contact with taxpayers through e-mail.
- A" Tax Avoidance Investigation" e-mail claiming to come from the IRS' "Fraud Department" in which the recipient is asked to complete an "investigation form," for which there is a link contained in the e-mail, because of possible fraud that the recipient committed. It is believed that clicking on the link may activate a Trojan Horse.
- An e-mail purporting to be from IRS Criminal Investigation falsely states that the person is under a criminal probe for submitting a false tax return to the California Franchise Tax Board. The e-mail seeks to entice people to click on a link or open an attachment to learn more information about the complaint against them. The IRS warned people that the e-mail link and attachment is a Trojan Horse that can take over the person's computer hard drive and allow someone to have remote access to the computer.
"Everyone should beware of these scam artists," said Kevin M. Brown, Acting IRS Commissioner. "Always exercise caution when you receive unsolicited e-mails or e-mails from senders you don't know."
Recipients of questionable e-mails claiming to come from the IRS should not open any attachments or click on any links contained in the e-mails. Instead, they should forward the e-mails to firstname.lastname@example.org using these instructions (link to http://www.irs.gov/individuals/article/0,,id=155344,00.html.
Since the establishment of the phishing mail box last year, the IRS has received more than 17,700 e-mails from taxpayers reporting more than 240 separate phishing incidents. To date, investigations by TIGTA have identified host sites in at least 27 different countries, as well as in the United States.
It is important for everyone to remember that the IRS does not send out unsolicited e-mails or ask for detailed personal and financial information.
Additionally, the IRS never asks people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts.
Finally, all IRS.gov Web page addresses begin with http://www.irs.gov/ and will never be in another format.