On 3/28/24, the IRS kicked off its annual Dirty Dozen list with a warning for taxpayers to be aware of evolving smishing and phishing scams designed to steal sensitive taxpayer information. Smishing and phishing scams arrive to the taxpayer in the form of unsolicited texts or emails to trick the taxpayer to provide valuable personal and financial information that can lead to identity theft. The IRS continues to see scams that seek to get a taxpayer to provide sensitive personal financial information, money, or other information with the purpose of filing a false tax return or tapping into the taxpayer’s financial accounts.
“Scammers are relentless in their attempts to obtain sensitive financial and personal information, and impersonating the IRS remains a favorite tactic,” said IRS Commissioner Danny Werfel. “People can be anxious to get the latest information about their refund or other tax issues, so scammers frequently try using the IRS as a way to trick people. The IRS urges people to be extra cautious about unsolicited messages and avoid clicking any links in an unsolicited email or text if they are uncertain.”
IRS states: “Don’t Take the BAIT”!
- Phishing: An email sent by fraudsters claiming to come from the IRS. The email lures the victims into the scam with a variety of ruses such as enticing victims with a phony tax refund or threatening them with false legal or criminal charges for tax fraud.
- Smishing: A text or smartphone SMS message where scammers often use alarming language such as, “Your account has now been put on hold,” or “Unusual Activity Report,” with a bogus “Solutions” link to restore the recipient’s account. Unexpected tax refunds are another potential lure for scam artists.
Taxpayers should never respond to tax-related phishing or smishing or click on the URL link
For Emails: If a taxpayer receives an email claiming to be from the IRS that contains a request for personal information, taxes associated with a large investment, inheritance, or lottery:
- Don’t reply.
- Don’t open any attachments. They can contain malicious code that may infect the computer or mobile phone.
- Don’t click on any links. If a taxpayer inadvertently clicked on links in a suspicious email or website and entered confidential information, visit the IRS’ identity protection page.
- Send the full email headers or forward the email as-is to [email protected] . Don’t forward screenshots or scanned images of emails because this removes valuable information.
- Delete the original email.
For Texts: If a taxpayer receives a text claiming to be from the IRS that contains a request for personal information, taxes associated with a large investment, inheritance, or lottery:
- Don’t reply.
- Don’t open any attachments. They can contain malicious code that may infect the computer or mobile phone.
- Don’t click on any links. If a taxpayer clicked on links in a suspicious SMS and entered confidential information, they should visit Identity Theft Central.
- Report the message to 7726 (SPAM).
- Include both the Caller ID and the message body in an email and send to [email protected]. Copy the Caller ID from the message by pressing and holding on the body of the text message, then select Copy, paste into the email. If the taxpayer is unable to copy the Caller ID or message body, forward a screenshot of the message.
- Delete the original text.
Taxpayers ought to remember that:
- The IRS initiates most contacts through regular mail and will never initiate contact with taxpayers by email, text or social media regarding a bill or tax refund.
- Never click on any unsolicited communication claiming to be the IRS as it may surreptitiously load malware. It may also be a way for malicious hackers to load ransomware that keeps the legitimate user from accessing their system and files.
- Be wary of messages that appear to be from friends or family but that are possibly stolen or compromised email or text accounts from someone they know. This remains a popular way to target individuals and tax preparers for a variety of scams. Individuals should verify the identity of the sender by using another communication method; for instance, calling a number they independently know to be accurate, not the number provided in the email or text.
Who is your professional tax advisor? ©