The IRS and its Security Summit partners warned tax professionals this week about a new IRS impersonation scam campaign spreading nationally on email.
The new scam illustrates the growing sophistication of cybercriminal organizations. The scam now relies on dozens of compromised websites and web addresses that pose as IRS.gov, making it a challenge to shut down. By infecting computers with malware, these impersonators can get control of a taxpayer’s computer or secretly download software that tracks every keystroke, eventually giving them access to passwords to sensitive accounts, such as financial accounts.
The IRS, state tax authorities and the tax industry that are part of the Security Summit effort noted that they have made progress in fighting stolen identity tax refund fraud, but victims remain vulnerable to scams by IRS imposters who send them bogus emails or make harassing phone calls.
The IRS emphasized that it doesn't initiate contact with taxpayers via email, text message or social media to ask for personal or financial information. That includes requests for PIN numbers, passwords or other access information for credit cards, banks or other financial accounts.
The IRS also doesn’t call taxpayers to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. The IRS typically will first mail a bill to a taxpayer who owes taxes.
The IRS does not initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.
Read more at: Tax Times blog