Government warns of rise in IRS-themed SMS scams

Government warns of rise in IRS-themed SMS scams

The Internal Revenue Service (IRS) is warning taxpayers of a significant increase in so-called “smishing” attacks, which are IRS-themed text message scams designed to steal personal and financial information. Smishing attacks target cellphone users by sending fraudulent text messages offering fake COVID relief, tax credits or other benefits.

The IRS does not send emails or text messages asking for personal or financial information or account numbers, the agency says.

So far in 2022, the IRS has identified and flagged thousands of fraudulent internet domains responsible for multiple IRS-themed smishing attacks. Recently, these attacks have increased exponentially.

Mobile phones targeted

Smishing, a form of text phishing, is a scam designed to trick you into divulging personal or financial information, including account numbers. Since smishing uses text messages, cell phones and other MMS/SMS devices are prime targets.

Fraudulent messages often appear to be from the IRS and offer benefits such as COVID relief, tax credits or help setting up an IRS account online, according to the agency. Text messages often ask recipients to click on a link where the fraudulent website attempts to collect personal information or send malicious code to the phone.

The increase in SMS scams started in 2020

The IRS first noticed an increase in smishing reports in the fall of 2020. Reported attacks, which always requested personal and financial information, have continued during the COVID pandemic. In addition to an extensive warning campaign, the IRS released a video on how to avoid IRS SMS scams.

Beginning in the fall of 2020, the IRS observed an increase in reports of smishing scams requesting personal and financial information from taxpayers. These smishing campaigns have continued throughout the pandemic. The IRS has taken many steps to warn people of this ongoing threat, including releasing a video on how to avoid IRS texting scams.

As the IRS steps up its efforts to stop online fraud, criminals are developing new tactics. One includes using algorithms to automatically generate hundreds or even thousands of fraudulent domains. The agency reports that a recent smishing campaign used just three dozen stolen or fake email addresses to create more than 1,000 fraudulent domains.

As October Cybersecurity Awareness Month approaches, the IRS and partners in the State Security Summit and the national tax community remind people and the tax professional community to be on the lookout for phishing scams and other schemes that could put sensitive tax data at risk. .

How to Report a Smishing Attack to the IRS

The IRS maintains an email inbox (phishing@irs.gov) to collect and process online IRS, Treasury, and Tax scams. Smishing involving other government agencies or private labels should not be reported to phishing@irs.gov.

If you receive an IRS-related SMS scam, report it to phishing@irs.gov.

Reporting IRS-themed texts to the IRS allows IRS security personnel to track and disrupt these scams. Your report to the IRS must include both the message body and sender information in an email or text. It’s best to copy the actual text into an email, but screenshots are also allowed.

To report a smishing attack, the IRS says to do the following:

  • Create a new email to phishing@irs.gov.
  • Copy the caller ID number (or email address).
  • Paste the number (or email address) into the email.
  • Long press the SMS/text message and select “copy”.
  • Paste the message into the email.
  • If possible, include the exact date, time, time zone, and phone number that received the message.
  • Send the email to phishing@irs.gov.

Taxpayers should continue to report these scams to phishing@irs.gov. Reporting them allows the IRS to flag these scams to the appropriate service providers for action, thereby protecting other taxpayers who may receive a variant of the same scam.

Additional reports you can do

In addition to reporting the scam to the IRS, IRS-related scams can be reported to the Treasury Inspector General for Tax Administration using the Impersonation Scam Reporting Form. identity of the IRS and the Federal Trade Commission (FTC) through their complaints assistant. This will make the information available to investigators from those agencies.

You can also copy and forward fraudulent text messages to your wireless service provider by texting them to 7726 (SPAM). This allows providers to spot and block such messages in the future.

October is Cyber ​​Security Awareness Month

As October approaches Cybersecurity Awareness Month, the IRS and the Security Summit, a coalition of state tax agencies and private sector tax firms, remind taxpayers and the tax community to be on the lookout for phishing and smishing scams and other schemes that may compromise sensitive tax data.

In addition, the IRS has partnered with representatives from the software industry, tax preparation firms, payroll and tax financial product processors, and state tax administrators to combat other crimes, including identity theft reimbursement fraud, to protect taxpayers.

The essential

Vigilance is the bottom line. Do not click on in-text links, especially if you believe they are not from a legitimate source. Government agencies such as the IRS do not send text messages requesting personal or account information.

It can be hard to tell if a text is legit or not. If in doubt, report the text via the information listed above. Then contact the IRS directly to find out if they have tried to contact you.

#Government #warns #rise #IRSthemed #SMS #scams

Leave a Comment

Your email address will not be published. Required fields are marked *