Information Technology News & Information

IRS PhishingTax season is upon us, and of course, with that comes fraud season. Tax season has only been underway for about a month, beginning on January 19th, 2016, and already the IRS is reporting surges in phishing and malware. Reports indicate as rise by as much as 400% from last tax year. Considering the tax season does not officially end until April 18th, 2016, it is concerning to think what could still be ahead in the almost 2 months remaining.

While it is commonplace for tax filers to drag their heels, filing late in the season, fraudsters are much more ambitious. They have wasted no time getting started in their attempts to get their hands on our financial information.


The IRS warns the public of the dramatic increase in phishing emails making their way into inboxes, some quite official looking and convincing in their wording. These phishing emails ask taxpayers a plethora of sensitive questions, including requesting information related to funds, PIN verifications, confirmation of personal information, and dates pertaining to your filing.  The messages are misleading because they look official, and seemingly are received from trusted sources such as the IRS or tax preparer companies or software brands.

The entire country is vulnerable to these phishing attempts, as they are not isolated to one geographic area. Attackers are attempting to gain information to be used to file fraudulent income tax returns, and lure recipients into clicking fraudulent links that lead to official-looking websites, just to obtain your information.


In addition to phishing for your sensitive information, some of these websites contain malware. Many of these sites contain such booby-traps as key loggers, which records every keystroke the victim makes on the site, including information such as login details. All of this is then reported back to the attacker.

Some of the statistics surrounding recent phishing and malware activities are staggering. For phishing and malware combined:

  • Over 1000 incidents were reported in January 2016. This is up from only about 250 last January.
  • February followed pace, doubling the number reported from last year. In the first 2 weeks of February 2016 alone there were 363 incidents reported. Last year only 254 were reported in the entire month.
  • This year’s total incident count is somewhere around 1400. That already exceeds the yearly number of incidents reported in 2014 and is over half way to beating the 2015 yearly total.


According to the IRS, there are many variations on the scheme, and several have been reported by tax preparers, state revenue departments, and software companies. Many of the variations include trying to obtain people’s online credentials to various IRS services.

There have also been multiple versions of refund fraud seen in recent years, including automated attacks that are executed by cyber criminals who go out of their way to gain access to unsuspecting individuals online tax submission accounts. In spring of 2015 criminals used an online IRS system called Get Transcript to get their hands on personal information that could be used to file falsified tax returns. Their system had no actual connection to the IRS system that is used to file returns and get refunds, it was a reference portal for retrieving tax returns filed in years past, which was the key criminals needed in order to file false returns for this tax year.

Cyber criminals struck again a few short weeks ago when they executed a PIN stealing attack that affected over 100, 000 taxpayers. During this attack, they used a list of known SSNs to attempt to gain access to the IRS’s Get My Electronic Filing Pin portal.

Spotting Phishers

Should you receive an unsolicited message from the IRS, or some other associated organization be immediately suspicious. The IRS does not initiate contact with taxpayers via email, text, social media, or any other channel, especially when sensitive information is requested.

While the email communications may look official, asking recipients to update personal information by following a link, don’t be fooled. Those links are likely made to appear like official pages, but you are headed down a slippery slope.

Some subject lines of phishing emails you should be on the lookout for include:

  • Confirm your personal information.
  • Get my IP PIN.
  • Get my E-file PIN.
  • Order a transcript.
  • Complete your tax return information.
  • Variations about people’s tax refunds.
  • Update your filing details, which can include references to W-2.

Recipients of these email scam attempts can report them to

Keep your personal information safe and secure by knowing what to look for. For more information on this and other security related concerns contact {company} at {phone} or {email}.