In a bulletin sent to the Falmouth Police Department, the Department of Homeland Security's National Cybersecurity and Communications Integration Center warns of an increase in email phishing scams in the weeks leading up to the April 15 deadline for filing tax returns.
According to the bulletin, each year scammers take advantage of taxpayers' focus on returns and refunds to send emails purporting to be from the Internal Revenue Service or private tax preparers, using the phony messages to illicit personal information or introduce dangerous software onto people's computers.
“During the tax filing time of year,” the document says, “DHS, IRS, and law enforcement agencies see increased phishing activity... The objective of these attacks is to lure people to click on links or an attachment within the body of an email, leading [them] to execute malicious computer code.”
Find out what's happening in Falmouthwith free, real-time updates from Patch.
Taxpayers should treat any email claiming to be from the IRS with suspicion, says Bill Ferzoco, a certified public accountant with Lake & Ferzoco, a Teaticket Highway firm specializing in tax planning and preparation.
“The bottom line is, the IRS doesn't initiate contact via email,” Ferzoco says. “Anything [claiming to be from the IRS] through email is erroneous.”
Find out what's happening in Falmouthwith free, real-time updates from Patch.
Ferzoco says the IRS will not even accept documents from tax preparers in email form, insisting on faxed of mailed communication. Firms such as Lake & Ferzoco are careful to inform their clients of that policy, and to warn them to delete any emails purporting to be from the IRS.
Even if the message seems legitimate, there's no reason to take the risk of clicking on links or opening attachments, either of which could contain malicious code. Instead, taxpayers should go to the IRS's Web site, where any information or services referred to in the email will be available.
This is generally true of private tax preparers as well, so anyone receiving unexpected emails from such companies should call and confirm their authenticity before opening attachments.
“It' all about security,” Ferzoco says. “They don't want that kind of information in cyberspace.”
For more information on phishing scams, visit the IRS's pages covering Cyber Criminals, Suspicious Emails, and Financial Information Policy. To report suspicious emails or Web sites, forward the message or send the URL to phishing@irs.gov. If you've lost money or credit rating due to a cyber attack, you can contact the Secret Service or FBI.
