Tax time is peak season for identity theft and IRS scams. In late 2018, the IRS warned of a tax email scam especially toxic to businesses.
A malware known as Emotet poses as specific banks and financial institutions in an effort to trick recipients of the email into opening the document. The unleashed malware then tries to steal information from the infected devices. If a business network is infected by the malware, months are required to successfully remove the damage caused.
The United States Computer Emergency Readiness Team (US-CERT) has labeled the Emotet malware “among the most costly and destructive malware affecting state, local, tribal and territorial (SLTT) governments, and the private and public sectors.” According to US-CERT, Emotet infections have cost SLTT governments up to $1 million per incident to remediate.
This scam has recently expanded to include “IRS Online” as the sender. The subject line uses “some variation of the phrase ‘tax transcript’”. The IRS does not send unsolicited emails to the public nor would it email a sensitive document such as a transcript unless requested to do so.
Their advice – If you receive a suspicious email, don’t open it or the attachment. Instead, forward the unopened email to phishing@IRS.gov and delete the scam email from your personal computer. If you receive a scam email through a work computer, notify your company’s information security team and tech professionals.