IRS Alerts Public to Identity Theft Scams
WASHINGTON — The Internal Revenue Service reminds consumers to avoid identity theft scams that use the IRS name, logo or Web site in an attempt to convince taxpayers that the scam is a genuine communication from the IRS. Scammers may use other federal agency names, such as the U.S. Department of the Treasury.
In an identity theft scam, a fraudster, often posing as a trusted government, financial or business institution or official, tries to trick a victim into revealing personal and financial information, such as credit card numbers and passwords, bank account numbers and passwords, Social Security numbers and more. Generally, identity thieves use someone’s personal data to steal his or her financial accounts, run up charges on the victim’s existing credit cards, apply for new loans, credit cards, services or benefits in the victim’s name and even file fraudulent tax returns.
The scams may take place through e-mail, fax or phone. When they take place via e-mail, they are called “phishing” scams.
The IRS does not discuss tax account matters with taxpayers by e-mail.
How to Spot a Scam
Many e-mail scams are fairly sophisticated and hard to detect. However, there are signs to watch for, such as an e-mail that:
Requests detailed or an unusual amount of personal and/or financial information, such as name, SSN, bank or credit card account numbers or security-related information, such as mother’s maiden name, either in the e-mail itself or on another site to which a link in the e-mail sends the recipient.
Dangles bait to get the recipient to respond to the e-mail, such as mentioning a tax refund or offering to pay the recipient to participate in an IRS survey.
Threatens a consequence for not responding to the e-mail, such as additional taxes or blocking access to the recipient’s funds.
Gets the Internal Revenue Service or other federal agency names wrong.
Uses incorrect grammar or odd phrasing (many of the e-mail scams originate overseas and are written by non-native English speakers).
Uses a really long address in any link contained in the e-mail message or one that does not start with the actual IRS Web site address (www.irs.gov). To see the actual link address, or url, move the mouse over the link included in the text of the e-mail.
What to Do
The IRS does not initiate taxpayer contact via unsolicited e-mail or ask for personal identifying or financial information via e-mail. If you receive a suspicious e-mail claiming to come from the IRS, take the following steps:
Do not open any attachments to the e-mail, in case they contain malicious code that will infect your computer.
Do not click on any links, for the same reason. Also, be aware that the links often connect to a phony IRS Web site that appears authentic and then prompts the victim for personal identifiers, bank or credit card account numbers or PINs. The phony Web sites appear legitimate because the appearance and much of the content are directly copied from an actual page on the IRS Web site and then modified by the scammers for their own purposes.
Contact the IRS at 1-800-829-1040 to determine whether the IRS is trying to contact you.
Forward the suspicious e-mail or url address to the IRS mailbox firstname.lastname@example.org, then delete the e-mail from your inbox.
Genuine IRS Web site
The only genuine IRS Web site is IRS.gov. All IRS.gov Web page addresses begin with http://www.irs.gov/. Anyone wishing to access the IRS Web site should initiate contact by typing the IRS.gov address into their Internet address window, rather than clicking on a link in an e-mail.
The Latest News Release from the IRS regarding Identity Theft Scams:
Consumers should be aware of a scam in which recipients receive an e-mail that claims to come from the Electronic Federal Tax Payment System. The e-mail states that tax payments made by the e-mail recipient through EFTPS have been rejected. The e-mail then directs recipients to a bogus website containing malicious software (malware) that infects the intended victim’s computer. To avoid the bogus website and malware, do not click on any links, open any attachments or reply to the sender for any e-mail you may receive that claims to come from EFTPS.
The IRS and the Financial Management Service (the Treasury bureau that owns EFTPS) does not communicate payment information through e-mail.
EFTPS is committed to taxpayer privacy and uses industry-leading security practices and technology to protect taxpayer data.
A scam that tricks someone into revealing their personal and financial data is identity theft. A scam that attempts to do this through e-mail is known as phishing. Find out more about IRS-impersonation phishing scams and how to recognize and report them to the IRS.
If you responded to this scam and believe you may have become the victim of identity theft, find out what steps you can take.
EFTPS is a tax payment system that allows individuals and businesses to pay federal taxes electronically via the Internet or phone, at any time of the day and any day of the year. It’s free, it’s fast and it’s secure, accurate and convenient.
If you have any questions about any correspondence you've received from the IRS, please don't hesitate to contact our office. We would be glad to help you determine the authenticity of the communication and the best course of response.