IRS Phishing

Don’t get hooked by an IRS phishing scam; inform yourself about the increasingly prevalent number of con artists who try to impersonate the IRS in order to steal your identity or financial assets. Phishing scams have severe implications on victims’ tax standing, bank accounts, and personal information, leading to a long winded trail of potential consequences. It’s imperative to learn about this practice, know how to keep a keen eye to detect a phisher, and understand what to do if you’ve been jeopardized.

What is an IRS Phishing Scam?

The term “phishing” refers to a type of cybercrime in which scammers attempt to obtain sensitive information for malicious reasons. The various types of information hackers may attempt to steal include usernames, passwords, PINs, credit cards, bank details, and Social Security numbers. With respect to IRS phishing, scammers attempt to gain access to consumers’ financial information in order to steal their identity and/or assets.


Types of IRS Phishing

Generally speaking, an IRS phishing scam involves a hacker who attempts to cast a baited line to a targeted audience, hoping that someone will bite and fall for the trap.

Con artists who phish will pose as legitimate institutions with the goal of luring individuals to disclose or reveal their sensitive data. Typically, IRS phishing scams occur over the internet and attack taxpayers by email, but scammers can also masquerade themselves over the phone, text message, social media, and other various communication channels.

Within an IRS phishing email, a scammer will usually pose as a reputable tax business or government organization in order to trick you into doing what they want. In most cases, this involves clicking a link that will take you to a fake website which requests your personal details. A tax phishing scam might threaten you with impending punishment or try to bait you with the promise of a huge return, but there are a large variety of templates IRS phishing emails may follow. Other common messages in fake emails include taxes associated with a large investment, inheritance, or property.

IRS phishing is one of the most common forms of fraud, but cyber attackers might also initiate email campaigns that attempt to trick users into downloading and installing malware, as well, so be cautious of any attachment.

How to Spot a Tax Phishing Scam

Anyone can fall victim to IRS phishing scams; sophisticated hackers are constantly targeting tax professionals and amateurs filers alike. Before you divulge your confident information to criminals who may steal your identity, rob your financial assets, or sell your personal details on the dark web, you need to learn how to identify phishing scams.

  • IRS Phishing Email + Website

When hackers attempt to phish taxpayers by email, they generally claim to be from the IRS or another tax-related entity. Check to see whether their domain is valid for the U.S. government (i.e. “.gov”) before anything else. The headline typically includes a time-sensitive, urgent warning regarding the status of a consumer’s tax return in order to get your attention. Don’t be conned by this drastic threat or fooled by any branding which may look similar to the IRS website. Be wary of generic greetings, incorrect spelling and incorrect grammar. Do not click or follow any hyperlinks or html attachments.


  • IRS Phishing Email + Malware

In addition to the previous telltale signs, be cautious of IRS phishing emails that contain harmful malware. Never open unexpected attachments in an unsolicited; simply clicking the file could result in the installation of malicious software on your hard drive. An example of this type of IRS phishing campaign might be an email that asks its recipient to open and review the “IRS Privacy Policy,” which actually disguises embedded macros that are enabled after opening.

  • IRS Phishing Scam over the Phone

You may receive an IRS impersonation over the phone from an unfamiliar number. These typically will tell taxpayers that they owe back taxes and that the IRS is planning on pursuing legal action, with the goal of conning the individual into sending money to the scammer. If you know you do not owe taxes, do not call back. If the IRS needs to get in contact with you, they will do so by mail first and foremost. The U.S. Department of Justice says the IRS will never discusses personal tax issues through unsolicited texts, emails, or over social media.

Steps for Victims of IRS Phishing Scams

Those who think they may have spotted a tax phishing scam should follow the specific instructions on how to report it to the IRS.

  • If you receive an IRS phishing email, forward it to and delete the original email.
  • If you receive a phishing phone call, report it to Treasury Inspector General Administration (TIGTA) and the IRS at
  • If you receive an unsolicited from an IRS impersonator, forward it and the originating phone number to 202-552-1226.
  • If you receive an IRS phishing scam in the form of a letter or fax, report it to TIGTA and

If you’ve fallen victim to phishing scams, there are steps you can take to resolve your situation—and the sooner you act, the better. Begin by contacting TIGTA and the Federal Trade Commission to make the information available to investigators.

During tax season, the prevalence of IRS-themed or tax-themed phishing scams spike drastically, and it’s imperative to keep a watchful eye in order to keep your personal information secure. The best way to safeguard yourself against IRS phishing and tax scams is to enlist the help of the professionals at Community Tax. We offer tax resolution services to those who need to correct fraudulent activity, and we can file and monitor your return to make sure you’re never scammed again. After working with over 50,000 clients, we’ve encountered a number of IRS phishing scams and have the experience you need for the assistance you deserve. Don’t hesitate; contact us today to see how Community Tax can help.