Where is My Refund?   |   October 15 Deadline   |   Why eFile?

Fake IRS Emails, Phishing Be Aware

Beware of scam or fake emails trying to phish information

Christian Gertenbach, Unsplash

The IRS categorizes any email scam that involves tricking victims into revealing personal and financial information over the Internet as "phishing." The IRS does not initiate contact via email, text message, or social media channels. They also do not ask people for PIN numbers, passwords, or other personal information for their credit card, bank, or other financial accounts. Every year, the IRS alerts taxpayers to the latest versions of these email scams. Learn more about tax fraud and prevention.

Have you received an unusual email from someone pretending to be the IRS? Forward it directly to the IRS at phishing@irs.gov. If you believe you have accidentally provided your information to identity thieves, the IRS suggests immediately creating an Identity Protection PIN, or IP-PIN.

The Latest Email Tax Scams

Keep up with these scams so you and your family and friends do not fall victim to any of them. The IRS will never initiate contact via email - if you receive an email requesting information, containing links, and claiming to be the IRS or associate with the IRS, it is likely a scam.

Below are some of the most recent email tax scams:

  • Emails, texts about the advance Child Tax Credit: Fake emails or texts may be sent requesting information in order for a person to verify their identity to claim their advance Child Tax Credits payments as part of the third stimulus bill. These inquiries may state that you need to provide your information in order to begin receiving your due payments. This is not true; the IRS is issuing these payments based on your most recently filed tax return. If you have already filed, then you do not need to verify yourself nor provide additional information.
  • Emails to students: The IRS will not email your school account, likely ending in a ".edu", requesting information. Students are often targeted because all it takes is one student to click on a link; this can give access to a mailing list of all students, spreading these emails. The email may state that something needs updating regarding your recent return in order to receive your tax refund and may ask you to click a link and fill an online form. Simply disregard the email or report it to the IRS directly.
  • Fake Tax Bills Related to the Affordable Care Act: These "bills" are emails with attachments of fake CP2000 IRS notices (the IRS only sends these notices via certified mail) related to 2015 Affordable Care Act underpayments for 2014 health insurance coverage. The emails request that taxpayers write a check to "I.R.S" and send it to the "Austin Processing Center" with a Post Office Box address, as well as send an electronic payment via clicking a link. 
  • Update IRS e-File Emails: These emails include a link to a fake website that looks like the official IRS website. They instruct the reader to "update your IRS e-file immediately.” by clicking the link and entering their information in the website that opens. The emails mention IRSgov and USA.gov, but not IRS.gov (IRS-dot-gov). These emails are NOT from the IRS, so anyone who gets these types of emails should not respond to the email or click on any links in the email.
  • Emails Supposedly from the IRS Criminal Investigation Division: Emails purporting to be from IRS Criminal Investigation Division falsely states that the person is under a criminal probe for submitting a false tax return to the California Franchise Board. They seek to entice people to click on a link or open an attachment to learn more information about the complaint against them. DO NOT click the link in the email or open the attachment. The link and attachment is a Trojan Horse, which can take over a computer hard drive and allow someone remote access to it.
  • The IRS Acting as Arbitrator: This type of email suggests that a customer has filed a complaint against a company and the IRS can help to settle the despite. Different versions of the email are aimed at business and individual taxpayers. 
  • Requests for Bank Account Numbers: Other fraudulent email scams entice taxpayers to click their way to a fake IRS website and ask for bank account numbers. Another widespread email tells taxpayers the IRS is holding a tax refund for them and asks for financial account information.

How to Identity Fake Emails

Any email from the IRS is a scam if they are initiating contact first. It can be helpful to know how to identity one of these emails based on some identifying factors. See these tips:

  • Links: The email will have a link with it requesting that the recipient click the link and enter some information. You may be asked to enter your personal information to receive a payment or that you need to verify your identity so it is not compromised. Doing so would give your information directly to someone who should not have it. Often, these are long links containing various numbers and letters in no order. Inspect the link and take note of why you are being asked to click on it.
  • Subject Line: The subject line should always be something regarding what the email will be about. You may see the subject line of URGENT or ATTENTION; these are only done to catch your eye. This is common and it is important to know that it is likely not urgent and is only said to me so the recipient will panic and open the email.
  • Greeting: If you have an account with a company, they will almost always address you by your name. For example, if you have an eFile.com account, we will begin your email by using your first name. If you are certain you have an account with a company who you received an email from and they use a generic greeting, such as "sir" or "ma'am," be wary of this when reading the rest of the message.
  • Sender: If some of the above information has raised your concern, see where the email is coming from. Scammers may use a variation of a company's email, appearing as the company itself. Be sure that the sender is a person you know or a company email which you have interacted with before and/or recognize.

How the IRS and State Agencies Fight Email Tax Scams

The IRS and the Treasury Inspector General for Tax Administration (TIGTA) work with the U.S. Computer Emergency Readiness Team (US-CERT) and various Internet service providers and international CERT teams to have the phishing sites taken offline as soon as they are reported.