Tax scams — email phishing

Tax scams are nothing new. The digital age has made such scams even more common. So, I received a phishing email message today claiming to be from “” with “Update Your E-file Records For 2015 Tax Return” as the subject. A detailed examination revealed that the message was not in fact from the IRS (no surprise) and contained a (malicious) link to probably a hijacked web site in Spain:


Here’s the (plain text) content:

This is an automatic message by the system to let you know that we are yet to confirm your account information ,You need to confirm your account information within 24 hours. Your account has been deactivated , Kindly click the link below to Activate your E-file Records for 2015 Tax Return.

Failure to do this would result in delay/refusal of your refund.
Activate Your E-file Records For 2015 Tax Return

Internal Revenue Service.

Why should you be immediately suspicious if you receive such an email message? As pointed on on this IRS web page:

The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.

Phishing is a scam typically carried out through unsolicited email and/or websites that pose as legitimate sites and lure unsuspecting victims to provide personal and financial information.

This USA Today article summarizes the increase in electronic scams:

Email and texting scams designed to trick U.S. taxpayers into providing personal data have surged 400% so far this year, the IRS warned Thursday in a renewed consumer alert.

The schemes involve so-called phishing messages designed to trick taxpayers into believing the emails and texts represent official communications from the IRS, tax software companies or others in the tax industry.

These scams take many forms. Standard advice: Do not reply, do not open any attachments, do not click on any web links, delete the message. Note that many modern, simplified email apps make checking links problematical — checking the actual addresses of links in such messages.