IRS Phishing Scams: What You Need To Know

Media Division | April 10, 2014

The list of things you need to do in the tax season is a long one. You can see tax filing moans all over the corporate sector, but there’s more to worry about than just making a late filing.

The tax season is prime time for cyber criminals who utilize the IRS to try to steal taxpayer identities and refunds. These criminals gained around $4 billion in 2013 by stealing taxpayers’ personal credentials and filing fraudulent returns, according to a report by the Treasury Inspector General.

In addition to dozens of scams highlighted in previous years, the Internal Revenue Service is now warning against a new phishing attack including emails that seem to be from the official IRS Taxpayer Advocate Service and feature a fraudulent case number.  These emails are luring taxpayers into providing personal information; a criminal can use this information to commit financial theft or identity theft.

The following message is being delivered through fake emails:

“Your reported 2013 income is flagged for review due to a document processing error. Your case has been forwarded to the Taxpayer Advocate Service for resolution assistance. To avoid delays processing your 2013 filing, contact the Taxpayer Advocate Service for resolution Assistance.”

Email recipients are recommended to click on links purported to provide details about the case advocate or let them review reported tax income, which redirects to web pages asking for personal information. The stolen data can be re-sold to buyers, most of whom are located across the border. The IRS sent 655 tax refunds to a single Lithuania address, and 343 refunds to a Shanghai lone address last year, mentions a CBS report.

It’s important to note that the IRS never contacts taxpayers through email to request personal information. It does not use social media, text messages or communications to request financial information, PIN numbers and passwords.

Closing the door

The IRS has advised taxpayers to ignore these emails and forward them to But there are additional best practices you can adopt to protect your tax information, including the following:

Identify the legitimacy of the email

You can identify the IP address of an email and use it to measure the historical performance of the sender. For example, you can use an IP and email tracing service to locate the original IP address when the sender is using a machine to cover identity.

Another thing you can do is examine the links inside the email body. For instance, you can check if other taxpayers have been facing document processing errors through a quick search in Google. Also, if the content places any kind of urgency, it is most likely to be a spam email and should be moved to the junk folder.

Secure tax filing content

Are you planning to file online? If so, use email security tools to secure the content from unauthorized third-party access. If you are sending files to a tax professional, make sure all the information is encrypted.

Some of these tools also allow you to receive notifications when the tax filing professional opens your 1099 or W2. If you see unauthorized access to these documents, you can block the intruder with a single click.

Enhance your PC security

Install firewall, anti-virus and anti-spyware software, and make sure to update them regularly for the security of your PC. You should also activate the phishing filter in your web browser.

Use a software and hardware firewall for additional security. The incorporation of the firewall may also prevent malicious code from infiltrating your computer and hijacking your web browser.

The returns are due by April 15th.  Keep these considerations in mind when filing taxes to ensure personal and financial privacy.


Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.