The email scams just keep on coming, and the IRS is warning of a new ransomware tactic that makes emails appear to originate from the IRS and FBI.
In an urgent warning issued recently, the agency describes emails that appear to be official and that use the emblems of the IRS and the FBI. The emails ask users to click on a “here” link to download a fake FBI questionnaire. If users actually take the bait and click on the link, it will download ransomware that prevents users from accessing data stored on their device unless they pay the crooks.
“This is a new twist on an old scheme,” said IRS Commissioner John Koskinen. “People should stay vigilant against email scams that try to impersonate the IRS and other agencies that try to lure you into clicking a link or opening an attachment. People with a tax issue won’t get their first contact from the IRS with a threatening email or phone call."
Users should not pay the ransom. Frequently the crooks won’t provide the decryption key anyway – even after the money is paid.
Tax professionals who are registered e-Services users and who revealed their credentials to the scammers should contact the e-Services help desk to reset their e-Services passwords.
For professionals who actually disclosed information and taxpayer data was stolen, they should contact their local stakeholder liaison.
While this particular ransomware scam is new, the IRS has provided abundant information about general ransomware tactics. Visit “Tax Scams and Consumer Alerts” on IRS.gov. The agency also has information on social media sites, including YouTube videos.