The Internal Revenue Service (IRS) has issued a warning about a new email
scam in which malicious cyber actors send unsolicited emails to taxpayers from
fake (i.e., spoofed) IRS email addresses. The emails contain a link to a
spoofed IRS.gov website that displays fake details about the targeted
recipient’s tax refund, return, or account. The emails instruct the recipient
to access their refund information by entering a provided password on the
spoofed website. By entering the password, the victim unintentionally downloads
malware that could enable the malicious cyber actors to take control of the
affected system or obtain sensitive information.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users
and administrators to review the IRS
news release and the CISA Tip on Avoiding Social Engineering
and Phishing Attacks for more information.