Fact Checked

IRS issues warning about tax transcript email scam

Businesswoman working on laptop in a hotel roomImage: Businesswoman working on laptop in a hotel room
Editorial Note: Intuit Credit Karma receives compensation from third-party advertisers, but that doesn’t affect our editors’ opinions. Our third-party advertisers don’t review, approve or endorse our editorial content. Information about financial products not offered on Credit Karma is collected independently. Our content is accurate to the best of our knowledge when posted.

Earlier this year, the IRS took steps aimed at making tax transcripts more secure — but that’s not stopping scammers from sending bogus “tax transcript” emails to get you to click into a dangerous virus.

Last week, the IRS warned consumers and businesses that scammers impersonating the IRS are sending malware-loaded emails “using tax transcripts as bait” to convince recipients to open the emails.

The malware is known as Emotet, and scammers generally use it to pose as banks and financial institutions. It’s most commonly delivered through email and is capable of stealing information from infected devices, according to internet security company Symantec. In the last quarter of 2017, Emotet activity increased 2,000%, reported Symantec.

Want to know more?

What’s the background?

The IRS warning, issued Nov. 19, notes there has been a “surge of fraudulent emails” pretending to be from “IRS Online.”

The malware-carrying emails typically have attachments labelled “Tax Account Transcript” or something similar. The subject line also uses the phrase “tax transcript” in some variation.

Why does this matter?

The U.S. Computer Emergency Readiness Team calls the Emotet malware “among the most costly and destructive malware” currently circulating, and notes it has cost state, local, tribal and territorial governments as much as $1 million per incident to remediate an infection.

Fraudsters send imposter scam emails because they tend to work. In 2017, nearly one out of every five people who reported being a victim of an imposter scam lost money — $328 million in total, according to the Federal Trade Commission.

The median amount lost to an imposter scam in 2017 was $500, says the FTC. And if you receive an Emotet-carrying phishing email on a work device and open it, every device networked with yours could also be at risk. A business’ losses could be much greater than an individual’s.

What can you do?

Tax season will be here before you know it, and you may be more inclined to pay attention to — and open — an email that mentions your private tax transcript. Be alert for signs that such emails are scams. The IRS says red flags include:

  • An attachment labeled “tax transcript” or something similar
  • “Tax transcript” (or a variation of those words) in the subject line
  • An unsolicited email purporting to be from the IRS

“The IRS … does not send unsolicited emails to the public, nor would it email a sensitive document such as a tax transcript, which is a summary of a tax return,” the IRS says.

Remember, the IRS won’t send you a tax transcript unless you’ve requested one. You can do so through the IRS website or by mailing a request.

If you receive a suspicious email, don’t open it or the attachment, the IRS warns. Instead, forward the unopened email to phishing@IRS.gov and delete the scam email from your personal computer. If you receive a scam email through a work computer, notify your company’s information security team and tech professionals.

 


About the author: With nearly 30 years of experience in media, marketing, public relations and journalism, Evelyn’s written about nearly everything — from newspaper accounts of salacious capital murder trials to whitepapers on what typ… Read more.