Department of Revenue (DOR) and the Internal Revenue Service (IRS) are
warning folks of fraudulent emails impersonating either revenue agency and
encouraging individuals to open files corrupted with malware.
These scam emails
use tax transcripts as bait to entice users to open the attachments.
The scam is
particularly problematic for businesses or government agencies whose
employees open the malware infected attachments, putting the entire network
at risk. This software is complex and may take several months to remove.
malware, known as Emotet, generally poses as specific banks or financial
institutions to trick individuals into opening infected documents. It has
been described as one of the most costly and destructive malware to date.
Emotet is known to constantly evolve, and in the past few weeks has
masqueraded as the IRS, pretending to be “IRS Online.” The scam email
includes an attachment labeled “Tax Account Transcript” or something
similar, with the subject line often including “tax transcript.”
Both DOR and IRS
have several tips to help individuals and businesses not fall prey to email
* Remember, DOR and
the IRS do not contact customers via email to share sensitive documents such
as a tax transcript.
* Use security
software to protect against malware and viruses, and be sure it’s
* Never open
emails, attachments or click on links when you’re not sure of the source.
* If an individual
is using a personal computer and receives an email claiming to be the IRS,
it is recommended to delete or forward the email to email@example.com orto
receiving these emails should also be sure to contact the company’s