.NExT Web Security - Fighting 419 (Nigerian Advanced Fee Fraud) and other internet scams. Providing International Law Enforcement, investigators and anti-scam specialists with effective tools to combat internet crime.
Serving International Law Enforcement, Investigators and Anti-scam Specialists
Countries visiting Next Web Security - 419 Nigerian Advanced Fee Fraud

Fraud News

IRS Issues Urgent Warning About Ransomware Email Scam

Kelly Phillips Erb , Forbes Staff - 17-08-29
Click here for original article
      Back to Articles

The Internal Revenue Service (IRS) has issued an urgent warning about a new scheme targeting taxpayers. The scheme, which IRS Commissioner John Koskinen called "a new twist on an old scheme" involves a bogus email which impersonates the IRS and the Federal Bureau of Investigation (FBI( as part of a ransomware scam to take computer data hostage.

The scam email uses the emblems of both the IRS and the FBI. The email may look like this:

IRS Issues Urgent Warning About Ransomware Email Scam IRS

IRS/FBI ransomware email scam

The email urges recipients to click on a link to download a questionnaire allegedly from the FBI. The email implies that the questionnaire is required as part of changes in the law focused on tax compliance. The regs referenced in the email are bogus, and the link doesn't click through to a questionnaire. Instead, the link downloads ransomware. Ransomware is a kind of malware, short for "malicious software," that prevents users from accessing data stored on their device unless they pay money to the scammers. Unlike spyware which attempts to gain access to your computer's files to get information about your financial accounts, ransomware is typically a much more straightforward play for cash - the ransom.

(If that's not a term you're used to hearing, but it sounds vaguely familiar, you may be thinking about this massive cyberattack.)

If you receive this email or any similar emails, don't click. Remember that you should never open an attachment or link from an unknown or suspicious source: it may infect your computer with malware or attempt to steal your information.

And if the email purports to come from the IRS or other federal agency? Remember that the IRS does not use email, text messages or social media to discuss personal tax issues , such as those involving bills or refunds. If you get an email asking you to visit a website or answer personal questions, do not reply and do not click on any links in the email. If in doubt, assume it's a scam.

"People should stay vigilant against email scams that try to impersonate the IRS and other agencies that try to lure you into clicking a link or opening an attachment," Koskinen warns. " People with a tax issue won’t get their first contact from the IRS with a threatening email or phone call. "

As an additional reminder, the IRS will never:

  • Call to demand immediate payment over the phone, nor will the agency call about taxes owed without first having mailed you several bills.
  • Call or email you to verify your identity by asking for personal and financial information.
  • Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
  • Require you to use a specific payment method for your taxes, such as a prepaid debit card.
  • Ask for credit or debit card numbers over the phone or email.
  • Threaten to immediately bring in local police or other law-enforcement groups to have you arrested for not paying.

But what if you've already clicked? Don't pay the ransom. According to the authorities, paying ransom further encourages the criminals, and there's no guarantee that the scammers will provide you with the decryption key even if you do pay. Instead, immediately report any ransomware attempt or attack to the FBI at the Internet Crime Complaint Center, www.IC3.gov. You should also forward any IRS-themed scams to phishing@irs.gov.

For more tips on protecting yourself from identity theft, click here.

Tags: IRS, Ransomware, email scam, FBI, phishing, tax

Back to Articles


Please visit our sponsors

Wounded Warrior Project

Visit NExT Web Security's
Security Store