Popular IRS and HMRC tax themed Internet scams
During March and April, there is always a surge of scams in which scammers pose as tax-related entities such as the IRS in the US and the HMRC in the UK. We discuss some popular scams and how to spot them.
In the United States, April is tax deadline month, and in the UK it marks the beginning of the next tax year. Around this time, scammers are always looking for ways to use these dates to scam victims.
Fake ‘Tax Transcript’ or ‘Rebate’ email attachments
Tax season is a great time for scammers to trick victims into opening email attachments containing malware. That’s because tax themed emails provide the perfect social engineering trick, since they can panic, excite or pique the curiosity of email recipients.
For example, an email that appears to be from the IRS or HMRC claiming to provide the details of a tax rebate could trick a recipient into opening it, or an email purporting to report a problem with the recipient’s tax submission may alarm the recipient into opening an email attachment.
There are many tax themed social engineering tricks that are all designed to trick a recipient into opening a malicious email attachment that could subsequently install any number of malware variants onto a victim’s device, including (and especially) ransomware.
Look at this real-life example below purporting to be from the HMRC that contains a malicious attachment.
Tax entities don’t send unexpected emails containing email attachments, so if you receive one, just delete it. If you’re unsure, contact the tax entity directly.
Phishing emails
The various social engineering tricks used by scammers aren’t only used to trick recipients into opening dangerous attachments. They can also be used to trick victims into clicking links that lead to spoof websites pretending to be associated with the tax entity (e.g. IRS, HMRC).
The tricks can be similar. Again, they can use the bait of a tax refund or claim there is a tax error to lure recipients into clicking a link to a spoof website.
These spoof websites are designed to harvest any information entered into them, so they’re a good way of stealing sensitive information such as contact information, taxpayer information and potentially passwords for online tax accounts. This is enough information for crooks to commit identity fraud.
Check out this example below, which appears to come from the HMRC and attempts to trick recipients into clicking by claiming a tax submission has been unsuccessful.
Remember to avoid clicking links within emails, especially emails you didn’t expect, and always check the URL address of a website you’re on before you enter any details. If you’re not sure, go to the relevant website directly instead of clicking on a link in an email.
Fake threatening phone calls
Not all tax-related scams begin with an email. Many can start with a phone call from someone identifying themselves as an agent for the IRS or other tax entity claiming that the call recipient owes money from unpaid taxes, and that failure to pay will result in a poor credit score, fines or even imprisonment. The phone number on your caller ID may even appear to come from the relevant source (this is called “spoofing”).
Sometimes these calls are from automated bots asking you to call a number. Other times it is real people on the other end of the phone. The aim of the scam is to panic the victim into paying a “tax bill” that doesn’t really exist. Usually the scammer implores the victim to use a payment method like Western Union or, more commonly, to purchase gift cards and read out the voucher codes. These are sure-fire red flags of a scam.
Tax entities don’t initiate contact in this way, and never request immediate payment over the phone. Nor do they insist on only one payment method. Remember, just because someone over the phone claims they are from the IRS, it doesn’t mean that they are. Again, if you’re unsure, hang up the phone and call the IRS (or other tax entity) directly.