Tax Scams: An email from the IRS? Think again!

(Image: Shutterstock)

COLORADO SPRINGS, Colo. — Have you filed your tax return yet?

Officials are warning of an influx in scam emails claiming to be from the IRS or electronic tax filing services.

According to IBM Security, the IRS estimates it prevented $22.5 billion in fraudulent identity theft in 2014 but paid out around $3.1 billion in fraudulent refunds the same year.

So far, officials have seen criminals selling W-2s and tax information for around $40 to $50 online. This information is then used to file false returns and could potentially gather enough information to access your bank account.

Here are some tips courtesy Caleb Barlow, Vice President of Threat Intelligence at IBM, on how to keep your personal information safe as you prepare your taxes:


  • Seasonal Phishing: Criminals could entice you to open emails and files which have malware embedded in them, enabling them to steal your passwords or other financial information. The email may look like it is coming from the IRS.
  • Turbo Scammed: Many tax software companies are competing for your business this time of year and send marketing emails to persuade you to file with them. Cybercriminals have recreated the look and feel of those emails and could redirect unsuspecting consumers to fraudulent websites where they steal login details, ultimately leading to enough information to file a return.
  • Check your W-2s: Crooks may send the accounting staff an email that appears to have come from an executive asking for employee W-2 information. Unsuspecting employees open them, answer questions and send sensitive information.


  • Sign up for a pin from the IRS: If your records have been breached, make sure to sign up for a pin from the IRS as false tax returns are a common result. The IRS IP PIN is a 6-digit number assigned to eligible taxpayers to help prevent the misuse of their Social Security number on fraudulent federal income tax returns.
  • File your taxes right away: File as soon as you receive the W-2 from your employer. If your data was compromised, it can take long before you find out. The longer you wait, the more likely a criminal is to attempt to use your data.
  • Be vigilant with your email inbox: The IRS does not initiate contact with taxpayers by email, text, or social media to request personal or financial information. This includes requests for PIN numbers, passwords or other similar access information for credit cards, banks or other financial accounts.
  • Be aware of spoof emails: Be aware of scammers sending spoof emails from a target organizations’ CEO, asking human resources and accounting departments for employee W-2 information.
  • Don’t click on links in your emails and avoid opening attachments: If you intend to self-file online, access your vendor’s website directly.


  • The IRS does not email you: The IRS will communicate with you about taxes via snail mail. Don’t open any emails claiming to be from the IRS.
  • Don’t reuse passwords: Regularly change your passwords, especially when filing your taxes online. Avoid using a password you’ve used on other websites.
  • Take advantage of free monitoring: If you have been notified of a breach, the organization breached is likely offering free credit monitoring services, so take advantage of that.
  • Report it: Suspect a phishing email, or a fake website purporting to be a tax authority’s site? Report it by sending it to You can also file a complaint with the FTC.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s