IRS Warns of Phony e-Mails Claiming to Come from the IRS

WASHINGTON—The IRS today alerted taxpayers about Internet scams in which fraudulent e-mails are sent that appear to be from the IRS.

The emails direct the consumer to a Web link that requests personal & financial information, such as Social Security, bank account or credit card numbers. The practice of Tricking victims into revealing private  personal & financial over the internet is known a “phishing” (pronounced fishing) for information.

The IRS does not send out unsolicited emails or ask for detailed personal & financial information. Additionally, the IRS never asks people for the PINs, passwords or similar secret access information for their credit card, bank account or other financial accounts

The information fraudulently obtained by scammers is used to steal the taxpayer’s identity & then his/her financial assets. Generally, identity thieves use someone’s personal data to steal his/her financial accounts, run up charges on the victim’s existing credit cards, apply for new loans, credit cards, services or benefits in the victim’s name & even file fraudulent tax returns to obtain refunds rightfully belonging to the victim.

“Don’t be fooled by these shameless scam artists. The IRS doesn’t send unsolicited email.” said IRS Commissioner Mark W Everson. “Always exercise caution when you receive unsolicited emails or emails from senders you don’t know, & always verify the source.”

Last year, the IRS established an electronic mail box, phishing@irs.gov, to receive copies of possibly fraudulent emails involving misuse of the IRS name, logo or Web site for investigation. Since the establishment of the mail box, the IRS has received more than 17,700 emails from taxpayers reporting more than 240 separate phishing incidents. To date, investigations by the Treasury Inspector General for Tax Administration (TIGTA) have identified host sites in at least 27 different countries, as well as the US.

In the on-going email schemes that use the IRS name, about which the IRS has warned the public before, the recipients are asked to click on links to take them to the “IRS” Web site. The links appear authentic & connect the victim to sites that resemble the genuine IRS Web Site (www.irs.gov). The sites prompt the victim for personal identifiers, credit card numbers, PIN or similar financial information. The phony sites appear legitimate because most of the images & content are copied from the actual pages on the genuine IRS Web site before being modified by the fraudsters to include their loaded questions.

The schemes have a few variations. In one, the bogus email tells the recipient that he/she is eligible to receive a federal tax refund for a given amount & sends the recipient to a Web site to complete a form to “submit the tax refund request.” The form then asks for the personal & financial information.

The IRS doesn’t notify taxpayers of refunds via email. Additionally, taxpayers don’t have to complete a special form or provide detailed financial information to obtain a refund. Refunds are based on information contained on the federal income tax return filed by the taxpayer.

In another scheme, the email states that the IRS’s “Antifraud Commission” (sic) has found that someone tried to pay their taxes through the Electronic Federal Tax Payment System, EFTPS, using the email recipient’s credit card and that, as a result, some of the recipient’s money was lost and the remaining “founds” (sic) were blocked. The email contains visual elements copied from the genuine IRS Web site in an attempt to make the email appear legitimate. The email includes a link that sends the recipient to a Web site that asks the recipient to enter personal and financial information, such as SSN and account numbers, in order to unblock their funds.

The IRS doesn’t have an Antifraud Commission, doesn’t have the authority to freeze a taxpayer’s credit card or bank account because of potential theft or fraud perpetrated against the taxpayer, & doesn’t use email to initiate contact with taxpayers.

A third, recent scheme asks the recipient to wire thousands of dollars in order to retrieve the winnings on a lottery. On such email instructed the recipients to wire $42,000 to retrieve the winnings on a British lottery. This email used simulated IRS letterhead with the actual address of an IRS office at 290 Broadway, Manhattan, NYC, in an attempt to persuade the recipient of the legitimacy of the email.

The IRS doesn’t handle lottery distributions & doesn’t initiate contact with taxpayers via email. Additionally, lottery winnings are generally reported by the winner to the IRS with his/her annual federal income tax return, at which time any taxes due must be paid.

Recipients of questionable emails claiming to come from the IRS should not open any attachments or click on any links contained in the emails. Instead, they should forward the emails to phishing@irs.gov or notify TIGTA’s toll free hotline 1-800-366-4484. The IRS & TIGTA work with the US Computer Emergency Readiness Team (US-CERT) & various Internet service providers & international CERT teams to have the phishing sites taken offline on soon as they are reported.

Recently, the IRS has become aware of commercial Internet sites that bear a striking resemblance to the real IRS site or that contain the some form of the IRS name in their name but with a .com, .net, .org or other designation in the address instead of .gov. Though these sites may not be phishing site—that is, they may not request private financial data in an attempt to seal the consumer’s identity—the IRS urges consumers no to be misled into thinking such sites are the genuine IRS Web site or have some connection to the real IRS. The only genuine IRS Web site is IRS.gov.

More information on phishing schemes & others, including abusive tax avoidance transactions, frivolous arguments & more, may be found on the Compliance & Enforcement page at IRS.gov.