Unfortunately, cyber scammers never take a vacation. In fact, the IRS has issued a warning of a surge in fraudulent emails that bait potential phishing victims with fake tax transcripts. Links within these emails lead recipients to documents containing the well-known malware, Emotet.
Fraudulent emails will look as if they are coming from the IRS and specific banks and financial institutions. These emails usually have an attachment labeled “Tax Account Transcript” or something similar with a subject line that uses some variation of the phrase “Tax Transcript.” Be warned that scammers will likely also use other subject line verbiage.
This season’s scam targets not only individual taxpayers but businesses as well. If an employee opens the malware, it can spread through a company’s network requiring a time-consuming and expensive fix. Employers should be sure to educate employees on this newest scam and offer a refresher course on how to spot fraudulent emails.
Remember, the IRS never sends unsolicited emails or sensitive information via email. If you think that you have received a malicious email, do not click on the message. Instead, forward the potential fraudulent email to firstname.lastname@example.org and then promptly delete it. If you receive such an email at work, do not interact with it and alert your IT department immediately.