IRS Warns of ‘Tax Transcript’ Email Scam Targeting Businesses
The Internal Revenue Service released a warning on Monday about what they are calling a "Tax Transcript" scam in which they warned the public about a surge of fraudulent emails impersonating the IRS and using transcripts as bait to entice users to open emails that contain malware.
Missoula CPA Walt Kero received the memo from the IRS and shared the information with our sister station KGVO News.
“The bad guys are impersonating the IRS using ‘tax transcripts’ as bait for the unsuspecting,” said Kero, a regular guest on KGVO’s Talk Back show. “They’re especially targeting businesses whose employees may open the email. Inside the email there’s malware known as ‘Emotet’. It poses as specific banks and institutions trying to trick people into opening up infected documents.”
Kero described the effect that the Emotet virus has upon a victim’s computer system.
“Once you open up this email it starts infecting your computer,” he said. “It sets up little protocols and as you do certain things it will transmit information to the perpetrators, and once they get that information they can use it to their advantage. They’ll get your social security numbers, income, bank accounts. The email may pose as a bank indicating they are looking for IRS Transcripts. It’s like a spider with a web, and they’re going to try to get you caught up in that web.”
The IRS sent out this message:
‘In the past few weeks, the scam masqueraded as the IRS, pretending to be from “IRS Online.” The scam email carries an attachment labeled “Tax Account Transcript” or something similar, and the subject line uses some variation of the phrase “tax transcript.”
These clues can change with each version of the malware. Scores of these malicious Emotet emails were forwarded to email@example.com recently.
The IRS reminds taxpayers it does not send unsolicited emails to the public, nor would it email a sensitive document such as a tax transcript, which is a summary of a tax return. The IRS urges taxpayers not to open the email or the attachment. If using a personal computer, delete or forward the scam email to firstname.lastname@example.org. If you see these using an employer’s computer, notify the company’s technology professionals.
The United States Computer Emergency Readiness Team (US-CERT) issued a warning in July about earlier versions of the Emotet in Alert (TA18-201A) Emotet Malware.
US-CERT has labeled the Emotet Malware “among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors.’