These fraudulent emails instruct recipients to download documents that purport to contain tax-law changes by following a series of links to articles on business, estate and excise taxes, exempt organizations, and IRAs.
According to the IRS, which announced the new class of scams earlier this year, clicking such emails and following the links in them opens the door for malware, which gets downloaded into the recipient's computer and enables cyber criminals to gain access to corporate and financial information.
Brian Grayek of CA, an IT management software provider, says these six tips can help consumers avoid falling victim to scams this tax season:
Don't click on links sent by the "IRS" or a tax-preparation firm.
The IRS does not initiate contact electronically.
Don't respond to email from the "IRS" or from a tax professional asking for account numbers or personal information.
To check legitimacy, call the IRS (1-800-829-1040).
Double check the URLs that you type into your Web browser window.
All IRS.gov Web page addresses begin with http://www.irs.gov/. Mistyping an address can direct you to a compromised site where cyber criminals can steal personal or financial information.
Check the extension name of an email attachment before opening.
Hackers email Trojans and worms as attachments with ".scr," ".com," and ".exe" file extensions. Once a worm is executed, it will attempt to spread to other systems, and private data could be destroyed or sent to third parties.
For refunds and payments, use a verified online payment system certified by the IRS.
Available options are posted at http://www.irs.gov/efile.
Notify the IRS if you receive a suspicious email that claims to come from the tax agency.
Relay that email to an IRS mailbox, firstname.lastname@example.org. This can help officials shut the scam down.
By Marshall Loeb