What You Need To Know About Tax Scams


April 17 marks this year’s Internal Revenue Service (IRS) tax filing deadline, and many consumers are rushing to complete and file their returns. Unfortunately, cybercriminals also use tax season as a social engineering lure to trick people into handing over their credentials, money, and personal information. Their methods include fake IRS phone calls and emails, fraudulent online services, and phishing techniques.

How IRS Tax Fraud Works

IRS tax scams typically begin with cybercriminals sending spam email to potential victims. When the user opens a malicious attachment or clicks a link found in the email, malware (normally spyware, a banking trojan, or a remote access trojan (RAT)) spreads and steals the victim’s personally identifiable information (PII), which an attacker can use to gain access to financial accounts.

These tax-related scams have become so prevalent that in 2004 the IRS came up with a list of tax fraud scams to help taxpayers stay safe from fraudsters. Dubbed "The Dirty Dozen," these 12 tax scams continue to deceive and compromise users.

Here are the IRS’ Dirty Dozen for 2018:

Examples of tax-related email scams:

Social engineering email related to tax season affected the most victims in countries such as the U.S., Australia, and New Zealand. Users in the U.K. are also targeted by tax-related spam with malicious attachments. Below are a few samples of tax fraud emails:

ATO Refund Email

This socially-engineered spam email pretends to be a refund notification from the Australian Tax Office (ATO), saying that the recipient is eligible for a hefty refund. It instructs the user to open the attached archive and extract the files onto their system to get the refund.

IRS Tax Exemption Notification

This phishing email sample uses “Tax Exemption Notification” as the email subject. To appear legitimate, the email body contains an image banner of the IRS. The message tells the recipient that he is exempted from reporting and that he is eligible for other financial benefits. The sender pretends to assist the recipient, but in reality, the cybercriminal behind this scam is phishing for sensitive information by urging the user to complete the fake W-8BEN form in the attached PDF file.

Refund from HMRC 

This tax-related scam appears to come from HM Revenue and Customs, a U.K. government institution. It tricks users into opening the message by using the subject “tax refund.” Users who fall for this lure are invited to download the form attachment, which then opens in a browser. The form is a phishing page that captures information.

Scare Tactic Leads to Ransomware


Ransomware operators also take advantage of taxpayers in Australia and New Zealand by sending spam email that uses “penalty tax” in its subject line. Users who click on the More Information button are led to the following landing page, while the cryptolocker malware is downloaded to the victim’s system. In February, spam email that used tax-related lures delivered Rapid ransomware. The IRS regularly issues scam alerts so taxpayers can avoid them.

Indeed, taxpayers should exercise more caution to protect themselves from IRS tax scams. Never open links or attachments that come from unexpected or suspicious senders, especially when they claim to be from officials or agents of government organizations. Unsolicited email from an IRS-related component such as the Electronic Federal Tax Payment System (EFTPS) should be immediately reported to the IRS via phishing@irs.gov. It also helps to stay abreast of the latest security threats and use the latest security technologies such as Trend Micro’s File, Web, and Email Reputation services, as they effectively block access to malicious sites and spam email, as well as detect malware.

To help you avoid IRS scams, here are the things that the IRS will never do:

  • Call and demand immediate payment or call about taxes owed without first having sent a bill
  • Initiate contact by email to request personal or financial information
  • Demand tax payment without giving you the opportunity to question or verify the owed amount
  • Ask you to give out credit and debit card information over the phone or email
  • Require you to use a specific payment method for your taxes such as prepaid debit card
  • Threaten to bring law enforcement to have you arrested for not paying