Protect your personal information! The IRS does not initiate taxpayer communications through e-mail

What is phishing?
Phishing is a scam typically carried out by unsolicited e-mail and/or websites that pose as legitimate sites and lure unsuspecting victims to provide personal and financial information.

All unsolicited e-mail claiming to be from either the IRS or any other IRS-related components such as EFTPS, should be reported to phishing@irs.gov.

What to do if you receive a suspicious IRS-related communication
If Then
You receive an e-mail claiming to be from the IRS that contains a request for personal information … Do not reply.
Do not open any attachments. Attachments may contain malicious code that will infect your computer.
Do not click on any links.
If you clicked on links in a suspicious e-mail or phishing website and entered confidential information, visit our identity protection page.
Forward the e-mail as-is, to us at phishing@irs.gov.
After you forward the e-mail and/or header information to us, delete the original e-mail message you received.

You discover a website on the Internet that claims to be the IRS but you suspect it is bogus … … send the URL of the suspicious site to phishing@irs.gov. Please add in the subject line of the e-mail, ‘Suspicious website’.

You receive a phone call or paper letter via mail from an individual claiming to be the IRS but you suspect they are not an IRS employee …
Phone call:

Ask for a call back number and employee badge number.
Contact the IRS to determine if the caller is an IRS employee with a legitimate need to contact you.
If you determine the person calling you is an IRS employee with a legitimate need to contact you, call them back.
Letter or notice via paper mail:

Contact the IRS to determine if the mail is a legitimate IRS letter.
If it is a legitimate IRS letter, reply if needed.
If caller or party that sent the paper letter is not legitimate, contact the Treasury Inspector General for Tax Administration at 1.800.366.4484.

You receive an unsolicited e-mail or fax, involving a stock or share purchase claiming to be from the IRS …
… and you are a U.S. citizen located in the United States or its territories or a U.S. citizen living abroad.

Complete the appropriate complaint form with the U.S. Securities and Exchange Commission.
Forward e-mail to phishing@irs.gov.
Please add in the subject line of the e-mail, ‘Stock’.
If you are a victim of monetary or identity theft, you may submit a complaint through the FTC Complaint Assistant.
… and you are not a U.S. citizen and reside outside the United States.

Complete the appropriate complaint form with the U.S. Securities and Exchange Commission.
Contact your securities regulator and file a complaint.
Forward e-mail to phishing@irs.gov.
Please add in the subject line of the e-mail, ‘Stock’.
If you are a victim of monetary or identity theft, you may report your complaint to econsumer.gov.

You receive an unsolicited fax claiming to be from the IRS, requesting personal information … Contact the IRS to determine if the fax is from the IRS.
If you learn the fax is not from the IRS, please send us the information via e-mail at phishing@irs.gov. In the subject line of the e-mail, please type the word ‘FAX’.

You have a tax-related question …
Note: Do not submit tax-related questions to phishing@irs.gov.
If you have a tax-related question, unrelated to phishing or identity theft, please contact the IRS.

How to identify phishing e-mail scams claiming to be from the IRS and bogus IRS websites
Sample of phishing e-mails
First sample of an actual IRS-related phishing e-mail – PDF
Second sample of an actual IRS-related phishing e-mail – PDF
Is it a phishing website posing as the IRS? – PDF
Are you a victim of Identity Theft?
Contact the Federal Trade Commission at 1-877-IDTHEFT (438-4338)
Visit the IRS Identity Theft resource page

——————————————————————————–
Remember, the IRS does not initiate e-mail communication with taxpayers regarding EFTPS or tax account matters.
The IRS does not …

… request detailed personal information through e-mail.
… send any communication requesting your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.

——————————————————————————–

What to do if you receive a suspicious e-mail message that does not claim to be from the IRS
If Then
You receive a suspicious phishing e-mail not claiming to be from the IRS … Forward the e-mail as-is to reportphishing@antiphishing.org.

You receive an e-mail you suspect contains malicious code or a malicious attachment and you HAVE clicked on the link or downloaded the attachment … Visit OnGuardOnline.gov to learn what to do if you suspect you have malware on your computer.

You receive an e-mail you suspect contains malicious code or a malicious attachment and you HAVE NOT clicked on the link or downloaded the attachment … Forward the e-mail to your Internet Service Provider’s abuse department and/or to spam@uce.gov.

Its Phishing Season
Tagged on: