3 min read

Tax-related phishing scams and malware attacks have quadrupled, says IRS


February 24, 2016

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Tax-related phishing scams and malware attacks have quadrupled, says IRS


The IRS says that the number of reports it has received of phishing and malware schemes targeting US consumers have rocketed this tax season – claiming that it has seen an “approximate 400 percent surge”.

Across the country official-looking communications are being received, claiming to come from the IRS and companies that develop accounts software and provide services for assisting in the preparation of tax returns. And the tax-related criminal campaigns are not just being distributed via email, but are also being sent via SMS text messages.

Often the fraudulent communications attempt to crowbar personal information out of innocent tax payers, or verify passwords and PIN information.

The reason for the attacks? Yes, online criminals want to exploit innocent victims’ personal tax details, and use them to file false tax returns. But on many occasions the attackers will often simply use tax as a lure to trick users into endangering their computer’s safety in the first place, before planting ransomware or other malicious attacks onto a victim’s PC.

In all, the IRS says it has had 1,026 malware and phishing incidents reported to it already this year, compared to 254 in the same time period last year. And with the official tax deadline still two months away, it’s clear that the problem is only going to get worse.

It’s clear that things have got pretty bad when you see what Intuit, the developer of well-known accounting software for individuals and small businesses such as TurboTax, Mint, QuickBooks and Quicken, is doing about it.

To its credit, Intuit maintains an online security center which is regularly updated with details of new email scams that have targeted its customers.

Here is just one of the examples of scams seen this week, posing as message from TurboTax, and urging unsuspecting customers into clicking on a dangerous link in order to “reactivate” their account.


Aside from phishing attacks, some fraudsters are also attacking computer users with malicious emails that link to websites harbouring keylogging spyware.

IRS Commissioner John Koskinen has warned users to be wary of unexpected tax-related emails in their inbox:

“This dramatic jump in these scams comes at the busiest time of tax season. Watch out for fraudsters slipping these official-looking emails into inboxes, trying to confuse people at the very time they work on their taxes. We urge people not to click on these emails.”

The IRS has, of course, been of interest to online organised criminals for years and the idea of duping users into handing over their personal information by pretending to be the taxman is nothing new. But things got more serious last year, when as many as 334,000 taxpayer accounts were breached.

I suspect what makes tax-related scams and malware attacks so successful, however, is that – unlike online businesses – we cannot chose *not* to deal with the IRS and other tax agencies around the world. So, for many people, a communication from the taxman or from a software vendor that provides tax services doesn’t seem so strange – and they let their guard down.

Stay clued up about the latest threats, and always exercise a healthy skepticism about the messages that arrive in your inbox, and the text messages you receive on your phone.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like