The Government has warned about the rise in IRS-themed texting scams, Smishing is an abbreviation for SMS phishing, in which malicious software/codes are sent via multiple MMS, SMS, or email messages. The International Revenue Service (IRS) has detected and reported thousands—and even hundreds of thousands—of these bogus domains associated with various smishing schemes aimed against taxpayers. And it has warned people about the exponential increase in smishing scams centered around the IRS that aim to gather financial or personal data, including account numbers.
IRS-Themed Texting Scams: What You Need to Know
The IRS noticed this upsurge in the fall of 2020. And even throughout the pandemic, these smishing operations persisted. In addition to publishing a video explaining how to prevent IRS-themed texting scams, the IRS has taken several other actions to alert individuals to this persistent threat. The IRS issued these warnings because the campaigns are being run on a large scale in frequency and volume.
These criminals, many of whom are savvy and sophisticated mafias, pose as IRS agents while utilizing fictitious identities and fraudulent badge numbers. They usually also have a lot of information about their targets, such as the victim’s first name, state of origin, and even immigration status. Then the victims are informed that they owe the IRS money and must pay it right away through a gift card or wire transfer without any opportunity to question the amount they claim is owed by the victim.
The most common campaigns the IRS warns about are scam emails that seem to be from the IRS. Some people get communications concerning a tax refund that seem to be from the Taxpayer Advocacy Panel (TAP). The IRS seeks advice from TAP, a volunteer board, on systemic concerns impacting taxpayers but never asks for and never has access to any taxpayer’s financial and personal data. These mailings offer tempting offers, such as bogus tax rebates, COVID relief, or assistance creating an IRS online account.
The IRS-themed texting scams text in the most recent IRS-observed campaign invites people to click a link that takes them to phishing websites. These websites are primarily designed to gather visitor information, send malware to the phone, or perhaps download hazardous software, which may be used to hack the users’ phones and obtain their private information. The IRS never sends emails or texts requesting account numbers or other sensitive information. All of these messages ought to raise warning signs for taxpayers.
The IRS is working to stop internet fraud, but thieves are employing ever-evolving strategies to cast a wider net and seize more victims and save them from these IRS-themed texting scams. One such approach is to use algorithms to create hundreds or thousands of bogus websites. For instance, a recent effort created over 1,000 fake domains with just thirty-two stolen or fictitious email addresses. For this same reason, the IRS partners with the Security Summit, a private sector tax business in the community, to urge citizens all over and tax professionals to be on the alert for phishing frauds and other methods that can jeopardize private tax information.
How to Avoid Being a Victim of an IRS-themed Texting Scams
It is wiser to accept that we may never be able to eliminate IRS-themed texting scams, but what we can do is take some precautions that will drastically lower the chances of becoming victims of a smishing scam. In these situations, the best offense is a competent defense.
To begin with, remember that the IRS does not send emails or messages requesting personal or financial information or account numbers. If a message appears to be too good to be true, it most often is. However, don’t assume messages from services or businesses are legitimate just because they seem benign and don’t appear to be an attempt to bribe or threaten. Never unintentionally click links, and never submit personal information on any website if you do. Avoid responding to the hoax SMS as well. That proves your existence and may increase your chances of receiving additional communications.
The caller frequently turns aggressive and disrespectful. Or threaten that the victims may face arrest, deportation, or the suspension of their business or driver’s license for not paying. So if you are requested to do something, such as submit your information, transfer money, or something similar, the best thing you can do is contact the “sender” directly using a recognized means you trust. You should be ready to notify the proper authorities right away if it ends up being a phishing attempt.
And if you live in areas with Do Not Call lists or spam reporting systems, you should take full advantage of them. Scam SMS/text communications can also be copied and forwarded to the IRS. Our best advice? Report. Block. And move on with your life as if nothing happened.
Reporting a Smishing Attack to the IRS
Tax fraud has cost thousands of people millions of cash and personal information. Scammers set people up, including businesses, payroll, and tax experts, via the postal service, the phone, or email.
October is Cybersecurity Awareness Month. And the IRS urges all taxpayers to make it a civic responsibility to be more vigilant and seek to report any phishing scams and other related schemes that may be sensitive and put your financial or tax information at risk.
By reporting IRS-themed texting scams to the IRS, security experts can follow and thwart these frauds. Individuals reporting scam texts to the IRS should include the message’s substance and the sender’s identification in a single text or email. It is preferable to copy and paste the content into an email.
However, screenshots can be supplied if necessary. Scam SMS/text messages can also be copied and given to cellular operators through text to 7726 (SPAM), assisting them in identifying and blocking similar communications in the future. The Internet Crime Complaint Center should also be notified of any incidents, successful or unsuccessful. Anyone inputting personal information or becoming a victim of IRS-themed texting scams can find more assistance on the IRS website.
How to Report a Smishing Attack
The steps below will assist you in gathering critical information for reporting smishing attacks to the IRS:
- Send a brand-new email to [email protected].
- Write down the email address or caller ID number.
- Add the email address or phone number to the email.
- Copy the text message.
- Paste/add the text message to the email.
- If possible, provide the date, phone number, and time you got the message.
- Forward the email to [email protected].
Along with the IRS, the Federal Trade Commission (FTC), the Treasury Inspector General for Tax Administration, and the Treasury Department’s Office of Inspector General for Tax Administration are other agencies where you can report IRS-related fraud. The investigators at these agencies will then have access to the information.
The W-2 scam is one of several new variants centered on large-scale thefts of sensitive tax information from tax preparers, corporations, and payroll organizations. Businesses and payroll service providers may now swiftly report any data losses connected to the widespread W-2 fraud thanks to a method developed by the IRS. The IRS can then take action to protect employees from becoming victims of identity thieves submitting bogus returns in their names if they are alerted in time. Information is also provided on how to report receiving fraudulent emails.
These reports will enable the IRS to report these frauds to the proper service providers for the necessary action to be taken, thereby safeguarding other taxpayers who may, at another time, fall victim to a version of the same scam.
The IRS has also established the Office of Fraud Enforcement to enhance IRS efforts to detect and deter fraud while improving the national fraud program as part of its ongoing focus on tax compliance challenges.
In honor of International Fraud Awareness Week, we will highlight the IRS’s tremendous effort in fraud enforcement. They will participate in a global effort to reduce the effects of fraud, particularly tax fraud, by increasing fraud awareness and education. The IRS’s efforts to combat tax and other financial fraud will benefit taxpayers worldwide and underscore the importance of fraud prevention in society.
Determining whether a text is authentic or not can be complicated. If in doubt, report the text using the details provided above. The key is to be vigilant and avoid falling victim to fraud. The IRS never sends emails or texts requesting account numbers or other sensitive information.
DO NOT RESPOND if you ever receive any questionable emails or SMS messages. Your response will let the fraudster know that you have a “live” contact number or email address, which makes you the target of future messages. Delete them, block the email or number, and don’t fail to report it.
Generally speaking, if you are a business owner, invest in a full-fledged IT department to assess your cybersecurity requirements. Employers should establish procedures for sharing private employee data, especially Forms W-2.