Perpetrators of online fraud continue finding new and innovative methods to steal taxpayer information, siphon money, or corrupt computer systems. The IRS recently warned the public of a new surge in fraudulent email impersonations of the IRS, whereby cybercriminals use alleged tax transcripts as bait to lure users into opening bogus email attachments containing viruses and malware.
This most recent scam seems to be having success against businesses where employees are easily duped into opening insidious email attachments that launch malware into computer networks. The cybercriminals are currently using a well-known malware variant called Emotet to perpetuate their schemes. The cybercriminals have been presenting themselves as “IRS Online” and send an email attachment called “tax account transcripts,” or some derivation thereof, to unsuspecting victims. The email subject line refers to the same type of information, all in attempts to invite users to click on the email. Once the virus is launched, it may do tremendous damage to computer systems and may cost thousands of dollars to repair.
The IRS constantly reminds taxpayers that it does not send unsolicited emails, does not email tax transcripts or other sensitive documents with taxpayer information, nor calls taxpayers. Do not open unsolicited emails from anyone purporting to be the IRS or respond to phone calls from anyone purporting to be an IRS representative. If you receive one of these scam emails, you may forward it to firstname.lastname@example.org. Also, notify your company’s computer security resources immediately.