IRS Warns of Surge in Phishing and Malware Schemes Targeting Preparers and Taxpayers

The Internal Revenue Service warned Thursday it has seen a fourfold surge this tax season in email phishing and malware incidents, targeting consumers and the tax industry.

The IRS noted the emails are designed to trick taxpayers into thinking they are official communications from the IRS or others in the tax industry, including tax software companies. The phishing schemes can ask taxpayers about a wide range of topics. E-mails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information.

Variations of these scams can be seen via text messages, and the communications are being reported in every section of the country.

The IRS said it has seen an increase in reported phishing and malware schemes, including 1,026 incidents reported in January, up from 254 from a year earlier.

The trend continued in February, nearly doubling the reported number of incidents compared to a year ago. In all, 363 incidents were reported from Feb. 1-16, compared to the 201 incidents reported for the entire month of February 2015. This year's 1,389 incidents have already topped the 2014 yearly total of 1,361, according to the IRS, and they are halfway to matching the 2015 total of 2,748.

“This dramatic jump in these scams comes at the busiest time of tax season,” said IRS Commissioner John Koskinen in a statement. “Watch out for fraudsters slipping these official-looking emails into inboxes, trying to confuse people at the very time they work on their taxes. We urge people not to click on these emails.”

As the email scams increase, the IRS is working on the issue through the Security Summit initiative with state revenue departments and the tax industry. Many software companies, tax professionals and state revenue departments have seen variations in the schemes.

Tax professionals are reporting phishing scams that are seeking their online credentials to IRS services, for example the IRS Tax Professional PTIN System. Tax preparers are also reporting that many of their clients are seeing the e-mail schemes.

This tax season the IRS said it has observed fraudsters more frequently asking for personal tax information, which could be used to help file false tax returns. Taxpayers receive an official-looking email from what appears to be an official source, whether the IRS or someone in the tax industry.

Recent email examples the IRS has seen include subject lines and underlying text referencing numerous variations about people's tax refund, demands for updating the taxpayer’s filing details, which can include references to W-2. Some emails ask taxpayers to confirm their personal information, get their IP PIN or E-file PIN (a personal identification number for tax preparers who do electronic filing on behalf of clients), order a transcript or complete their tax return information.

When people click on the email links, they are taken to sites designed to imitate an official-looking website, such as IRS.gov. The sites ask for Social Security numbers and other personal information. The sites also may carry malware, which can infect people's computers and allow criminals to access your files or track your keystrokes to gain information.

“While more attention has focused on the continuing IRS phone scams, we are deeply worried this increase in email schemes threatens more taxpayers,” Koskinen added. “We continue to work cooperatively with our partners on this issue, and we have taken steps to strengthen our processing systems and fraud filters to watch for scam artists trying to use stolen information to file bogus tax returns.”

As part of the effort to protect taxpayers, the IRS has teamed up with state revenue departments and the tax industry to make sure taxpayers understand the dangers to their personal and financial data as part of the “Taxes. Security. Together” campaign.

If a taxpayer receives an unsolicited email that appears to be from either the IRS e-services portal or an organization closely linked to the IRS, report it by sending it to phishing@irs.gov. For more information, visit the Report Phishing and Online Scams page.

It is important to keep in mind the IRS generally does not initiate contact with taxpayers by email to request personal or financial information, the IRS noted. This includes any type of electronic communication, such as text messages and social media channels. The IRS has information online that can help protect taxpayers from email scams.

Phishing and malware schemes again made the IRS "Dirty Dozen" tax scam list this year. The last IRS Phishing Scam news release has further information.

The underlying messages frequently ask taxpayers to update important information by clicking on a web link. The links may be masked to appear to go to official pages, but they can go to a scam page designed to look like the official page. The IRS urges people not to click on these links but instead send the email to phishing@irs.gov.

For reprint and licensing requests for this article, click here.
Tax practice Technology Data security Tax fraud
MORE FROM ACCOUNTING TODAY