IRS Scam Season

Tax season in 2016 triggered a number of novel riffs on common Internal Revenue Service-based scams.

  • Published


The Internal Revenue Service (IRS) is contacting taxpayers via e-mail to convey important tax return information, complete paperwork for a refund, or request payment on a balance owed.
Dear <email address> This is an automated message generated by Internal Revenue Service (IRS) to let you know that your request has been received and it will be processed in the next 48 hours, but if you did not initiate any request whatsoever, please kindly follow the provided link and fill out the necessary information so we can STOP the initiated request. To validate your account information please click on the link below and follow the instructions that will be required. Validate Your IRS Here (this is a hyperlink) ____________________________________________________________________________________ Due to the recent oncoming 2015 Tax refund year we oblige you to update your Tax return by Downloading Tax Return Validation to enter the following, click to activate the 2015 Tax Benefit Service to update move email to inbox because failure to update will require a permanent closure of your tax return. THIS U.S. GOVERNMENT SYSTEM IS FOR AUTHORIZED USE ONLY! Use of this system constitutes consent to monitoring, interception, recording, reading, copying or capturing by authorized personnel of all activities. There is no right to privacy in this system. Unauthorized use of this system is prohibited and subject to criminal and civil penalties, including all penalties applicable to wilful unauthorized access (UNAX) or inspection of NOTICE: The IRS reserves the right to deny access to any or all electronic services, products and/or applications, at both the individual or business entity level, in the event IRS becomes aware of any activity that constitutes or appears to constitute misuse or abuse of any electronic services, products or applications. e-Services Privacy Policy ____________________________________________________________________________________ Our records indicate that your resident address has been compromised. As a result you are exempted from United States of America Tax reporting and withholdings on interest paid to you on your account and other financial benefits. To protect your exemption from tax on your account and other financial benefits, you need to recertify your exemption status and enable us confirm your records with us. Therefore, you are to authenticate the following by completing the attachment IRS Tax Refund Form. Please complete IRS Tax Refund Form (attached) and click the Submit Botton, to enable us confirm your records immediately. If your records are not confirmed on time, you will lose your tax exempt benefits and your account or any other financial benefits will be subject to US tax reporting and back up withholding* *If back up withholding applies, we are required to withhold 30% of the interest/benefits paid to you. We appreciate your cooperation in helping us protect your exempt status and also confirm our records. Sincerely, Isabella Charlotte, IRS Public Relations ____________________________________________________________________________________ As we prepare to start the 2015 Tax filling season, we have undergone slight changes in the filling process to enable filling for your refund easier and to prevent unnecessary delays. Part of the changes include updating our database with your information. Please ensure to carefully complete this verification to avoid hitches in processing your refund. To access the form for your tax refund, please download and fill in the attachment file. Note: For security reasons, we will record your ip-address, the date and time. Deliberate wrong inputs are criminally pursued and indicated.
Collected via e-mail, January 2016


Few entities in the United States are as capable of commanding an individual’s instant, undivided attention as the Internal Revenue Service. Possible contact initiated by the IRS has long been dangled as bait by scammers leveraging taxpayer fears about audits and other tax-related hassles.

E-mail scammers posing as IRS agents have been phishing for information in inboxes since at least May 2007.  The manner in which such scams are conducted range from direct collection of sensitive information (such as Social Security Numbers) to transmission of an attachment containing malware. Although a variety of IRS-based e-mail scams remained a steady nuisance, the agency explicitly stated on their web site that such communications were illegitimate:

The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.

On the same page, the IRS advised:

Report all unsolicited email claiming to be from the IRS or an IRS-related function to Recent scams have used the Electronic Federal Tax Payment System (EFTPS) to attract potential victims.  Also, if you’ve experienced any monetary losses due to an IRS-related incident, please report it to the Treasury Inspector General Administration (TIGTA) and file a complaint with the Federal Trade Commission (FTC) through their Complaint Assistant to make the information available to investigators.

A 21 October 2013 IRS press release titled “IRS Warns of Pervasive Telephone Scam” addressed phone-based versions of the scams, but added an important-to-remember caveat:

“This scam has hit taxpayers in nearly every state in the country.  We want to educate taxpayers so they can help protect themselves.  Rest assured, we do not and will not ask for credit card numbers over the phone, nor request a pre-paid debit card or wire transfer,” says IRS Acting Commissioner Danny Werfel. “If someone unexpectedly calls claiming to be from the IRS and threatens police arrest, deportation or license revocation if you don’t pay immediately, that is a sign that it really isn’t the IRS calling.” Werfel noted that the first IRS contact with taxpayers on a tax issue is likely to occur via mail[.]

On 26 February 2015, the New York Times published an article titled “Call From the I.R.S.? Hang Up. It’s a Fraud.” The piece examined the popularity of IRS phone scams, and the lengths to which criminals went in their attempts to dupe taxpayers by invoking the specter of the tax agency:

“The callers are aggressive, they are relentless and they are ruthless,” said J. Russell George, Treasury inspector general for tax administration, in a statement. His office, which oversees the I.R.S., said it had received reports of about 290,000 calls since October 2013, and nearly 3,000 victims had been cheated out of more than $14 million.
Garrett Gregory, a former senior lawyer with the I.R.S. who now has a tax practice in Dallas, said the calls were pervasive and that his office heard once or twice a week from clients who were concerned about getting such calls. Most people know to “laugh and hang up,” he said, but the calls still can be unnerving. His own father received such a call a month ago, he said.

The crooks aren’t particularly discriminating in their choice of targets: The Connecticut state tax commissioner received a call this month, according to a report in The Hartford Courant. And a lawyer for the Federal Trade Commission wrote this month on the agency’s blog that she had received such a call on her home answering machine … The callers strive to appear authentic; they may use robocalling technology that shows “I.R.S.” on your caller identification screen. They may know part or all of your Social Security number and they may provide a fake I.R.S. “badge” number. In some cases, follow-up calls may come, supposedly from local police or prosecutors.

A page on featured a lengthy (but still probably incomplete) list of all known IRS-related scams pervasive in e-mail, on social media, and through other electronic methods of transmission. As the IRS has repeatedly noted, contact for any purpose initiated by the agency “is likely to occur via mail[.]”