Tax Refund Phishing Scam – Protect Your Money

Dermot Smyth, Security and Compliance Officer

Huge Rise in Tax Season Phishing Attacks.

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it. Per the IRS, the 2016 tax season saw a 400% increase in phishing and malware incidents, and the trend doesn’t seem to be slowing down.

Every year around this time, a sea of fraudulent emails is sent out to corporations and taxpayers alike. Referencing topics such as tax refunds, IP PINs, and missing information, these scam emails can collect user information, install malware, or worse.

The Tax Refund Phishing Scam

The scam works by sending the user “an official-looking email from what appears to be an official source, whether the IRS or someone in the tax industry. The underlying messages frequently ask taxpayers to update important information by clicking on a web link.”

Once a hacker has collected the victim’s information, they then file tax returns with the government. IRS Commissioner John Koskinen highlights the danger:

“Criminals are constantly looking for new ways to trick you out of your personal financial information so be extremely cautious about opening strange emails. The IRS won’t send you an email about a tax bill or refund out of the blue. We urge taxpayers not to click on any unexpected emails claiming to be from the IRS.”

The success of these attacks comes down to who the hackers’ target is within a company. They use a variety of tactics, including social listening, to identify these security weaknesses.

Who’s a Target?

The ideal target for one of these attacks is a junior or newly hired professional, usually within the company’s HR department. These employees are eager to please and want to make a good impression, meaning they are more easily breached.

One of the most common tactics for tax refund phishing attacks is to send falsified emails from the company CEO asking for confidential information. These attacks take advantage of the new or junior employee’s eagerness to please and possible unwillingness to say no to the boss.

Best Defense Against Tax Scams

With scams getting more advanced each day, protecting personal and corporate information can seem daunting. The best way to defend against phishing and malware attacks is to follow three simple steps.

1.    Follow Best Practices

  • Never send personal information via an unsecured email
  • Challenge and confirm suspicious requests
    • Even when it’s from the boss or CEO
  • Change passwords frequently
  • Limit information to a need-to-know basis

2.    Ensure employees are trained

  • A chain is only as strong as its weakest link, and in email security that link is usually humans. Make sure employees are well educated and trained on how to identify phishing emails to reduce risk. Every 30 seconds a new phishing attack is launched, so ensure your employees know how to detect these emails and protect themselves.

3.    Email Security

  • Having a full-stack security service to filter and protect your email keeps the sea of phishing and malware away from your employees. Last year, human error accounted for 37% of security incidents and caused millions of dollars in losses.

The IRS doesn’t initiate contact with taxpayers by email, text message, or social media. Period. The official IRS website is and any legitimate IRS webpage will begin with Don’t be fooled by close variations (such as irsgov,, or similar). If you do receive an email claiming to be from the IRS, and you weren’t expecting one, don’t reply, click on any links, or open any attachments. Forward the email as is to and delete the original email.
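The "close variations" check above can be automated on the receiving side. The following is an added example, not part of the original article or any vendor's product; it assumes the official domain is irs.gov (the address itself is missing from the text above), and the function names, sample email and `.example` hosts are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

OFFICIAL = "irs.gov"  # assumption: the official domain, not taken from the page
URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.I)

def classify_host(host):
    """Return 'official', 'lookalike' or 'other' for a hostname."""
    host = host.lower().rstrip(".")
    # Match on a dot boundary so "notirs.gov" does not pass as a subdomain.
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    # Collapse separators: irs-gov.example, irsgov.example and
    # irs.gov.refund.example all contain "irsgov" once squashed.
    squashed = re.sub(r"[^a-z0-9]", "", host)
    if "irsgov" in squashed or "irs" in re.split(r"[.-]", host):
        return "lookalike"
    return "other"

def check_links(body):
    """Extract every http(s) link from an email body and classify its real host."""
    results = []
    for url in URL_RE.findall(body):
        parts = urlsplit(url)
        verdict = classify_host(parts.hostname or "")
        # Text before '@' is userinfo, not the host: a common disguise.
        if parts.username is not None:
            verdict = "lookalike"
        results.append((url, verdict))
    return results

# Constructed sample email body (not a real message).
SAMPLE_EMAIL = """Your refund is pending. Update your details:
https://www.irs.gov/refunds
https://irs.gov.refund-status.example/claim
https://irs-gov.example/login
https://www.irs.gov@203.0.113.7/refund
https://payroll.example/w2
"""

if __name__ == "__main__":
    for url, verdict in check_links(SAMPLE_EMAIL):
        print(f"{verdict:9} {url}")
```

A mail filter would quarantine or warn on any `lookalike` verdict; an `other` verdict says nothing about whether the link is safe.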

Email security requires an ever-evolving service that stays up to date with counter-evolving threats. Using our own research, The Email Laundry helps to detect and filter malware with real-time threat intelligence, dynamic malware analysis and automated threat response.
