The Internal Revenue Service (IRS) is warning about a new “tax transcript” scam. In the scam, taxpayers are tricked into opening emails that look like they are from the IRS—but they potentially carry malware. Here’s what you need to know.
In the past few weeks, taxpayers have received emails pretending to be from “IRS Online.” The scam email carries an attachment labeled “Tax Account Transcript” or something similar, and the subject line uses some variation of the phrase “tax transcript.”
Tax transcripts, which are summaries of your tax records and history, are available online, and taxpayers do need access to an email account in order to register with the IRS. However, the IRS reminds taxpayers it does not send unsolicited emails to the public and the agency would not email a sensitive document such as a tax transcript.
<fbs-ad position="inread" ad-id="article-0-inread" aria-hidden="true" role="presentation" style="color: #333333; background-color: #fcfcfc;">
If you receive an email like this, do not open the email or the attachment.
If you are using a personal computer, delete the email or forward the scam email to firstname.lastname@example.org.
If you are using a work computer, notify your company’s technology professionals as soon as possible. If anyone at your workplace opens the malware, it could spread throughout the network and potentially take months to successfully remove.
<article-body-container class="article-body fs-article fs-responsive-text current-article" style="color: #333333; background-color: #fcfcfc; margin-top: 16px;"></article-body-container>
The malware is known to the IRS. Known as Emotet, the malware generally poses as specific banks and financial institutions to trick people into opening infected documents. According to the IRS, “scores” of Emotet emails were forwarded to email@example.com recently.
The United States Computer Emergency Readiness Team (US-CERT) issued a warning in July about Emotet versions in Alert (TA18-201A) Emotet Malware. US-CERT has called the Emotet malware “among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors.” According to US-CERT, Emotet infections have cost SLTT governments up to $1 million per incident to remediate.
The bottom line: use caution. Here’s what to do if you receive a suspicious phone call, letter or email:
- If you receive a call from someone claiming to be from the IRS, and you do not owe tax or if you are immediately aware that it's a scam, don’t engage with the scammer, and do not give out any information. Just hang up.
- If you receive a telephone message from someone claiming to be from the IRS, and you do not owe tax or if you are immediately aware that it’s a scam, don't call them back.
- If you receive an email claiming to be from the IRS or a program affiliated with IRS, don’t respond and don’t click on any links.
- If you receive a suspicious letter or call from someone claiming to be with the IRS, do not give out any information. Call the IRS directly at 1.800.829.1040 to discuss your specific situation.
Don’t fall for the tricks. Keep your personal information safe by remaining alert. When in doubt, assume it’s a scam. For tips on protecting yourself from identity-theft-related tax fraud, click here.
<contrib-full-bio class="article-bio" style="color: #333333; background-color: #fcfcfc; margin-bottom: 1.2rem;">
Years ago, I found myself sitting in law school in Moot Court wearing an oversized itchy blue suit. It was a horrible experience. In a desperate attempt to avoid anything like that in the future, I enrolled in a tax course. I loved it. I signed up for another. Before I knew ...