IRS commissioner calls scam a "new twist on an old scheme"
By News-Argus Staff
Published in News on August 30, 2017 12:14 PM
Full SizeWASHINGTON -- The Internal Revenue Service has issued a warning to people to avoid a new phishing scheme that impersonates the IRS and the FBI as part of a ransomware scam to take computer data hostage.
The scam email uses the emblems of both the IRS and the FBI. It tries to entice users to select a "here" link to download a fake FBI questionnaire.
Instead, the link downloads a certain type of malware called ransomware that prevents users from accessing data stored on their device unless they pay money to the scammers.
"This is a new twist on an old scheme," said IRS Commissioner John Koskinen. "People should stay vigilant against email scams that try to impersonate the IRS and other agencies that try to lure you into clicking a link or opening an attachment. People with a tax issue won't get their first contact from the IRS with a threatening email or phone call."
The IRS, state tax agencies and tax industries in partnership as the Security Summit, are conducting an awareness campaign called Don't Take the Bait, that includes warning tax professionals about the various types of phishing scams, including ransomware.
Victims should not pay a ransom. Paying it further encourages the criminals, and frequently the scammers won't provide the decryption key even after a ransom is paid.
Victims should immediately report any ransomware attempt or attack to the FBI at the Internet Crime Complaint Center, www.IC3.gov. Forward any IRS-themed scams tophishing@irs.gov.
The IRS does not use email, text messages or social media to discuss personal tax issues, such as those involving bills or refunds. For more information, visit the "Tax Scams and Consumer Alerts" page on IRS.gov. Additional information about tax scams is available on IRS social media sites, including YouTube videos.
Tax professionals and people registered as e-Services users who disclosed any credential information, should contact the e-Services help desk to reset the e-Services password. If information and taxpayer data was stolen, contact your local stakeholder liaison.