Skip to main content
Did You Know

Did You Know IRS Warns of Another E-mail Scam about “Tax Transcripts?”

Did You Know the IRS Warns of Another E-mail Scam about “Tax Transcripts?”  

On Monday, November 19, 2018, the IRS alerted the public to the potential of a new scam related to IRS Tax Transcripts.  The scam e-mail reportedly masquerades as the IRS and indicates that the message is from “IRS Online.”  The goal is to get individuals to open documents or links in the e-mail that will allow the introduction of malware. 

Please review the screenshot of the IRS News Release below.  [Alternatively, below the screenshot, we give the Universal Resource Locator (URL), i.e., Web address, to the actual notice on the IRS’ Web site.]

We encourage schools to become aware of this latest scam and the attempt at infiltration with malware.  It would be beneficial to alert your students and prospective students of this newest malicious effort.  This scam provides yet another opportunity to remind students and staff of the importance of ensuring data and information security, especially as it relates to such material that contains personally identifiable information (PII), regardless where the PII is contained. 

IR-2018-226, Nov. 19, 2018

WASHINGTON — The Internal Revenue Service and Security Summit partners today warned the public of a surge of fraudulent emails impersonating the IRS and using tax transcripts as bait to entice users to open documents containing malware.

The scam is especially problematic for businesses whose employees might open the malware because this malware can spread throughout the network and potentially take months to successfully remove.

This well-known malware, known as Emotet, generally poses as specific banks and financial institutions in its effort to trick people into opening infected documents. The Summit partnership of the IRS, state tax agencies and the nation’s tax industry remind taxpayers to watch out for this scam.

However, in the past few weeks, the scam masqueraded as the IRS, pretending to be from “IRS Online.” The scam email carries an attachment labeled “Tax Account Transcript” or something similar, and the subject line uses some variation of the phrase “tax transcript.”

These clues can change with each version of the malware. Scores of these malicious Emotet emails were forwarded to phishing@irs.gov recently.

The IRS reminds taxpayers it does not send unsolicited emails to the public, nor would it email a sensitive document such as a tax transcript, which is a summary of a tax return. The IRS urges taxpayers not to open the email or the attachment. If using a personal computer, delete or forward the scam email to phishing@irs.gov. If you see these using an employer’s computer, notify the company’s technology professionals.

The United States Computer Emergency Readiness Team (US-CERT) issued a warning in July about earlier versions of the Emotet in Alert (TA18-201A) Emotet Malware.

US-CERT has labeled the Emotet Malware “among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors.”


To see this IRS warning in the actual News Release on the IRS Web site, please access it via the following URL: 
https://www.irs.gov/newsroom/irs-warns-of-tax-transcript-email-scam-dangers-to-business-networks

Should you have any questions regarding the information in this edition of our DYK, please feel free to contact FAME Customer Service through the Client Solution Center.


This material is presented for informational and educational purposes only and should not be considered to be giving legal advice

Leave a Reply