Information Security Advisory: Beware of Tax Scams
By Office of Communications & Marketing | Apr 1, 2026
The following e-mail is being sent on behalf of Igor Gorelik, Information Security Officer
Tax season is a peak time for cybercriminals to launch phishing and fraud campaigns. Attackers often impersonate trusted organizations like the Internal Revenue Service to trick users into revealing sensitive personal or financial information.
Common Tax Scam Examples
- Emails claiming you鈥檙e owed a tax refund
- Text messages asking you to 鈥渧erify your tax information鈥
- Calls threatening penalties or arrest
- Attachments labeled 鈥淲-2,鈥 鈥1099,鈥 or 鈥淭ax Statement鈥
- Links to fake 鈥渞efund portals鈥
How to Spot a Tax Scam?
Please watch for these red flags
- Urgent or threatening language (鈥淎ct now!鈥)
- Requests for SSN, banking info, or passwords
- Misspelled sender addresses or suspicious domains
- Unexpected attachments or links
- Payment requests via gift cards, crypto, or wire transfers
The Internal Revenue Service does NOT initiate contact by email, text, phone call, or social media to request sensitive data.
How to Protect Yourself
- Do not click links in unsolicited tax-related messages
- Type official website addresses manually into your browser
- Verify suspicious messages through trusted sources
- Always use multi-factor authentication (MFA)
If a tax-related message creates urgency and asks for personal information 鈥 it鈥檚 likely a scam.