Each year, the IRS releases its’ “Dirty Dozen,” which is a list of the top 12 tax scams to watch out for. And, this year, the scheme that made the top of the list is certainly one that has fooled many: phishing attacks.

Amongst all of the tax scams out there, phishing is definitely one of the most common. As IRS Commissioner Chuck Retting said, “Taxpayers should be on constant guard for these phishing schemes, which can be tricky and cleverly disguised to look like the IRS.” With the threat of falling a victim of a phishing attack at its peak during this tax season, it’s important to know how to prevent it from happening.

So, here’s how to identify a phishing attack to keep you and your loved ones safe and secure.

What is Phishing?

Basically, in regards to tax scams, phishing attacks occur when a hacker, posing as the IRS, sends a fake email or text to an individual with the ultimate goal of tricking them into providing confidential or personal information. Typically, this email includes a malicious attachment or URL link that, if clicked, will grant the hacker access to your personal information. From there, the hacker generally uses that information to steal money.

Other forms of phishing attacks involve the ‘IRS’ asking individuals to login to an account, such as their bank account, to receive a reward, such as a large tax return. However, the link embedded in the email directs them to a fake login page that looks almost identical to that of the trusted organization, such as their bank. Once their credentials are typed in, the hacker will then easily be able to access the information that is protected by those credentials, such as their bank account.

What are Some Signs of Phishing?

Most phishing attacks are easily identifiable, as they exhibit most of the following signs:

  • An email sent from an entity that claims to be the IRS
  • The sender is not the official IRS address, but is very similar to it
  • The email promises you a reward, such as a large tax return
  • The email asks for confidential information, such as the login credentials to your bank
  • The email includes an attachment or link which you are encouraged to open
  • The email requires “immediate” or “urgent” action
  • The email includes typos or grammatical mistakes
  • The email includes multiple legitimate links, as well as a few unusual or unrecognized links

For example, a common example of a phishing attack is when an individual receives an email from an unofficial sender, who claims to be the IRS. In the email, the individual is offered a large tax return. However, in order for them to receive this money, they must log in to their bank account online or provide the necessary information required to access their account. Another example might involve an individual being sent an email that urges them to open an “important attachment,” which, when clicked, downloads malware onto the individual’s computer, allowing the hacker to access and steal their personal information and credentials.

How to Avoid a Phishing Attack

Phishing attacks can easily be avoided by not only being aware of the indicators of a this scam, but also knowing how the IRS will contact an individual. In general, the IRS rarely initiates contact with individuals other than through the U.S. Postal Service. Furthermore, the IRS will never contact an individual via email, text message, or social media requiring them to login to an account or claim a reward.

To be on the safe side, consider any email you receive that claims to be the IRS to be a phishing attack. If you are sent one, do not click the links or attachments embedded within the email. Instead, immediately forward the email to phishing@irs.gov and report the scam to the Treasury Inspector General for Tax Administration. If you are unsure of whether it is a scam or not, call the IRS directly at (800) 829-1040 or call the Raleigh IRS Office at (919) 850-1100.

Need Assistance with Preparing Your Tax Return?

This tax season, eliminate the stress of having to prepare your tax return by allowing our Raleigh CPAs at Steward Ingram & Cooper to help. Our team can prepare your taxes as effectively as possible, while minimizing the risk of any mistakes, to save you both time and money. With our services, you can rest assured that your taxes are properly taken care of, and immediately know that any phishing attack you may receive is illegitimate.

Schedule a consultation with us today for superior assistance with your tax preparation. Give us a call at (919) 872-0866 or complete our online contact form.