October is Cybersecurity Awareness Month

October is Cybersecurity Awareness Month: Time to Raise Awareness About Tax Schemes

 

Editor's Note: This article originally appeared in the Official Newsletter of the Federation of Tax Administrators | Washington, DC

 

Taxpayers Warned to Remain Vigilant as Texting Scams Increase

The IRS warns taxpayers of a recent increase in IRS-themed texting scams aimed at stealing personal and financial information.

So far in 2022, the IRS has identified and reported thousands of fraudulent domains tied to multiple MMS/SMS/text scams – also known as smishing – targeting taxpayers.

In recent months, and especially in the last few weeks, IRS-themed smishing has increased exponentially.

Smishing campaigns target mobile phone users, and the scam messages often look like they’re coming from the IRS, offering lures like fake COVID-19 relief, tax credits or help setting up an IRS online account. Recipients of these IRS related scams can report them to phishing@irs.gov.

During Cybersecurity Awareness Month, the IRS and the Security Summit partners in the states and the nation’s tax community remind people and the tax professional community to be on the lookout for phishing scams and other schemes that could put sensitive tax data at risk.

In the latest activity, the scam texts often ask taxpayers to click a link where phishing websites will try to collect their information or potentially send malicious code onto their phones. The IRS does not send emails or text messages asking for personal or financial information or account numbers. These messages should all be red flags for taxpayers.

Reporting IRS-themed texts to the IRS allows security professionals to track and disrupt these scams. Individuals reporting scam texts to the IRS should include both the body of the message and the sender’s information in one email or text. Copying the actual text into an email is preferred. However, if necessary, screenshots can be sent. Scam SMS/text messages can also be copied and forwarded to wireless providers via text to 7726 (SPAM), which helps them spot and block similar messages in the future.

The following process will help capture important details for reporting smishing to the IRS:

  • Create a new email to phishing@irs.gov.
  • Copy the caller ID number or email address.
  • Paste the number or email address into the email.
  • Press and hold the SMS/text message and select “copy.”
  • Paste the message into the email.
  • If possible, include the exact date, time, time zone, and telephone number that received the message.
  • Send the email to phishing@irs.gov.

Full details on this scam may be found on the IRS Increase in Texting Scams press release and at irs.gov.