By: Nick Pratt (Overwatch Security Analyst) and Ben Weerts (Overwatch Inside Sales/Marketing)
As we approach the October 15 extension deadline, the Internal Revenue Service (IRS) is alerting taxpayers about a new email phishing scam. A spoofed IRS.gov link has led taxpayers to a bogus web page where they have been prompted to download malware. The IRS is warning taxpayers and tax professionals to be aware of what links they click on and to be extra vigilant about any emails they receive.
How does email Phishing work?
Phishing emails almost always carry messages directing the recipient to a “spoof website”, a knockoff version of a legitimate business website. These messages often look like they are from an organization that the recipient has a financial association with, such as the IRS or a bank. For example, you first receive an email and are then asked to click on a link to confirm your identity or update your information. However, the sender’s goal is to steal your personal information, such as passwords, credit card data and Social Security Number (SSN), with the intention of using the information to commit fraud in your name. Phishing emails may also carry attachments with embedded malicious code that could damage your computer.
How to detect IRS-related Phishing emails
Tax-related phishing emails often contain “IRSgov” and direct you to update your IRS online account immediately. The biggest indicator of a scam is that the web address is missing the dot between “IRS” and “gov”.
3 classic examples of Phishing attacks:
- You qualify for a refund, but you must click on a link and fill out a form to access it.
- Your credit card funds were fraudulently used by someone else, but you can recover some of the money by visiting the included website.
- You will get a large sum in lottery winnings, a tax refund or an inheritance if you provide your personal and financial information.
4 steps to handle email Phishing scams:
- Do not respond or click on any links or open any attachments.
- Forward the email in its original form to the actual IRS at firstname.lastname@example.org.
- After you have forwarded the email to the IRS, delete the email from your inbox and/or move it to the trash folder.
- Lastly, you may report monetary losses to the Treasury Inspector General for Tax Administration (TIGTA) and the Federal Trade Commission websites.
4 warning signs for other types of Phishing scams:
- Generic email salutations, such as “Dear valued customer,” instead of your name. The sender may use any other greeting, but if it does not include your name, be suspicious of the email. It is better to be safe than sorry.
- Poor grammar or spelling errors.
- Conflicting web addresses: Place your mouse over the link to see if the URL matches the typed web address in the message. If it doesn’t, it’s likely a scam. Avoid clicking this link to prevent downloading anything malicious.
- Web addresses that resemble those of prominent businesses but are slightly different. For example, the URL of a spoof site mimicking PayPal.com may begin with “http” instead of “https”. Or the web address may be something like “secure-paypal.com” instead of PayPal’s actual URL.
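Several of the signs above (the missing dot in “IRSgov”, a link whose target differs from the typed address, a lookalike such as “secure-paypal.com”, and “http” instead of “https”) can be checked automatically. The following Python code is an added example, not part of the original article; the `TRUSTED` list, the function names and the sample message are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allow-list for this example: brand keyword -> its real domain.
TRUSTED = {"irs": "irs.gov", "paypal": "paypal.com"}

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> tag in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_link(href, text):
    """Return warning codes for one link, following the signs listed above."""
    parts = urlsplit(href)
    host = re.sub(r"^www\.", "", (parts.hostname or "").lower())
    warnings = ["http"] if parts.scheme == "http" else []
    # Sign: the address typed in the message differs from the link target.
    shown = re.search(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", text.lower())
    if shown and re.sub(r"^www\.", "", shown.group(1)) != host:
        warnings.append("mismatch")
    # Sign: a trusted name (or its dot-less form, "irsgov") on a foreign host.
    tokens = set(re.split(r"[.-]", host))
    for brand, real in TRUSTED.items():
        official = host == real or host.endswith("." + real)
        if not official and tokens & {brand, real.replace(".", "")}:
            warnings.append("lookalike:" + real)
    return warnings

def scan_email(html):
    collector = LinkCollector()
    collector.feed(html)
    return {href: check_link(href, text) for href, text in collector.links}

# Constructed sample message body (not a real phishing email).
SAMPLE = """<a href="http://irsgov.example/update">https://www.irs.gov/account</a>
<a href="https://secure-paypal.com/login">Confirm your identity</a>
<a href="https://www.irs.gov/refunds">www.irs.gov/refunds</a>"""
```

Calling `scan_email(SAMPLE)` returns a dictionary keyed by link target; an empty list means none of these signs were found, which does not by itself prove the link is safe.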
2 steps to handle non-IRS Phishing scams:
- Report non-IRS phishing schemes to the Federal Trade Commission (FTC).
- Protect yourself, your data and your clients. Regardless of whether it’s your personal data that’s in danger or the information you have on your many clients, follow the steps to avoid becoming a victim.
Is there anything else I can do to avoid being scammed?
Use common sense and be skeptical. Sometimes the best thing to do is to analyze the phone call or message you receive that claims to be from the IRS. Most of the time, these calls and messages don’t make much sense when you pay close attention. If you truly fear, suspect or know that you have an issue with the IRS, you will need to take the lead and call the IRS directly.
If you’re a business with concerns about protecting your network and data and bolstering your cybersecurity posture, Overwatch Managed Security Platform-as-a-Service can connect you to the right managed service provider (MSP), who can offer you 24×7 cybersecurity coverage at an affordable price.