Almost for as long as there have been computers, there have been scammers and hackers misusing them for nefarious purposes. That remains true to this day, with new scam tactics arising every day.
The IRS recently warned the public about a new development in a long-running and well-known scam. Fraudulent emails are now circulating purportedly providing tax transcripts from “IRS Online,” in an attempt to get private and corporate users to click on a link that will download notorious malware. The malware, known as Emotet, is particularly nasty and difficult to remove. It can take months to clear from an impacted business’ computer system. It only takes a single user opening a phishing email to download the malware.
Once installed, the malware has access to sensitive data that housed on the computer or in the network, including bank account information, social security numbers, birthdays and more.
Remember that the IRS does not send unsolicited email communications; just because something is sent from an official-looking email address does not mean it is legitimate. The IRS wants to remind the public that they never send unsolicited email communications, and they definitely wouldn’t send something as sensitive as a tax transcript (a summary of a filer’s tax return) electronically. The IRS contacts taxpayers, individual and business alike through good, old-fashioned, “snail mail” instead.
The IRS also reminds taxpayers to never open such emails. Recipients should forward suspect emails to [email protected] Emails sent to a business email address should be forwarded to the company’s IT department as well.