Email Disguised as Ransomware Using IRS, FBI Emblems

Sep 11th 2017
Share this content

The email scams just keep on coming, and the IRS is warning of a new ransomware tactic that makes emails appear to originate from the IRS and FBI.

In an urgent warning issued recently, the agency describes emails that appear to be official and that use the emblems of the IRS and the FBI. The emails ask users to click on a “here” link to download a fake FBI questionnaire. If users actually take the bait and click on the link, it will download ransomware that prevents users from accessing data stored on their device unless they pay the crooks.

“This is a new twist on an old scheme,” said IRS Commissioner John Koskinen. “People should stay vigilant against email scams that try to impersonate the IRS and other agencies that try to lure you into clicking a link or opening an attachment. People with a tax issue won’t get their first contact from the IRS with a threatening email or phone call."

Users should not pay the ransom. Frequently the crooks won’t provide the decryption key anyway – even after the money is paid.

Victims should report any ransomware attempt or attack to the FBI at its Internet Crime Complaint Center, IC3.gov. IRS scams should be sent to [email protected].

Tax professionals who are registered e-Services users and who revealed their credentials to the scammers should contact the e-Services help desk to reset their e-Services passwords.

For professionals who actually disclosed information and taxpayer data was stolen, they should contact their local stakeholder liaison.

While this particular ransomware scam is new, the IRS has provided abundant information about general ransomware tactics. Visit “Tax Scams and Consumer Alerts” on IRS.gov. The agency also has information on social media sites, including YouTube videos.

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.