The IRS released a list of if/then scenarios for taxpayer who get phished. The IRS does not initiate contact with individuals by email or text to request personal or financial information. Individuals should treat any un-solicited, suspicious email from the IRS as potential fraud.
If an individual receives a suspicious communication from the IRS, he or she should take the following actions:
- Email. If Someone receives an email claiming to be from the IRS that contains a request for personal information…
Then the recipient should:
- Not reply.
- Not open any attachments. They can contain malicious code that may infect a computer or mobile phone.
- Not click on any links.
- Forward the email as-is to the IRS at phishing@irs.gov.
- Delete the original email.
- Website. If someone discovers a website that claims to be the IRS but the user suspects it is bogus…
Then they should:
- Send an email with the URL of the suspicious site to phishing@irs.gov.
- Include a subject line of “suspicious website.”
- Text Message. If someone receives an unsolicited text message claiming to be from the IRS…
Then the recipient should:
- Not reply.
- Not open any attachments.
- Not click on any links.
- Forward the text as-is to the IRS at 202-552-1226. Standard text messaging rates apply.
- If possible, in a separate text, forward the originating number to the agency at 202-552-1226.
- Delete the original text.
