The Internal Revenue Service (IRS) is warning consumers to be aware of a new email phishing scheme, which impersonates the IRS and the Federal Bureau of Investigation (FBI) as part of a ransomware scam to take computer data hostage.
The scam email uses the emblems of both the IRS and the FBI. It encourages users to select a link to download a fake FBI questionnaire. Instead, the link downloads a type of malware called ransomware, which prevents users from accessing data stored on their device unless they pay money to the scammers.
Pictured below is an email used in this phishing scheme:
“This is a new twist on an old scheme,” said IRS Commissioner John Koskinen. “People should stay vigilant against email scams that try to impersonate the IRS and other agencies that try to lure you into clicking a link or opening an attachment. People with a tax issue won’t get their first contact from the IRS with a threatening email or phone call.”
The IRS does not use email, text messages or social media to discuss personal tax issues, such as those involving bills or refunds. For more information, visit the Tax Scams and Consumer Alerts page on IRS.gov.
What can you do?
- Do NOT pay a ransom. Paying it further encourages the criminals, and frequently the scammers won’t provide the decryption key even after a ransom is paid.
- You can also report any ransomware attempt or attack to the FBI at the Internet Crime Complaint Center, IC3.gov. Forward any IRS-themed scams to [email protected].
If you are ever concerned about the validity of an email or letter, contact the sending company or organization and get confirmation before taking any further action.