IRS warns of ‘tax transcript’ email scam

Emotet, a particularly destructive piece of malware, is spreading under the guise of an IRS notice.

The IRS is being impersonated by scammers in an email making the rounds and using “tax transcripts” as bait to entice people to open attachments laced with malware.

In its newswire IR-2018-226, the IRS and Security Summit partners warned that the scam is particularly troublesome for businesses whose employees might open the malware, known as Emotet, since it can spread throughout a company’s network and take months to remove successfully.

Emotet usually masquerades as specific banks, credit unions and other financial institutions in trying to trick people into opening infected documents. This is not the first appearance of Emotet, but what’s new is its guise as the IRS. It pretends to be from “IRS Online,” and contains an attachment labeled “Tax Account Transcript” or something similar. The subject line uses some variation of the phrase “tax transcript.”


continue reading »