Brace yourself: Here come the tax time phishing scams


It’s that time of year again … it’s so predictable you could almost set your watch by it: Tax season email scams. Thieves are pretty smart and can create a convincing-looking phony email – don’t fall for their traps. Clicking on a phony or “phish” mail could result in a computer virus, lost money, or a stolen identity. And guess what? It’s not just computer newbies who fall for these scams: smart, experienced people can be tricked too.
First rule of thumb, right from the IRS:

The IRS does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.

All unsolicited email claiming to be from either the IRS or any other IRS-related components such as the Office of Professional Responsibility or EFTPS, should be reported to phishing@irs.gov.

Here’s a guide from the IRS with more information about recognizing and reporting phishing and other fraudulent solicitations.
Second rule of thumb: Never send sensitive financial information via email – it is not secure. This includes social security numbers or PIN numbers, passwords and other access information for credit cards, banks or other financial accounts.
Third rule of thumb: If you get an email request to update your password or to enter an account number, password, or other identifiable information, DO NOT click on a link or reply. Instead, go directly to the site of the organization that is asking for the update and sign in to your account. If there is a request for updated information, you will find it there.
Fourth rule of thumb: Never enter any financial or account information on a site unless you are sure it is secure. How can you tell? Look for the “s” – most websites are preceded by http:// – secure websites use https:// – that one little letter makes all the difference. Most browsers will also show a little icon of a padlock right in the address bar beside the web address. You can’t always trust a web page graphic promising security since these can be faked – look for the website address and the padlock in the address bar.
For more, see our past posts:
How Can I Securely Send Sensitive Tax Docs to My Tax Preparer?
Don’t get hooked by tax-time phishing!

Leave a Reply