Dangers of Fake IRS Emails & Calls & How to Protect Yourself

Scammers pretend to be the IRS, tricking you into giving them your private information or money, but you can beat these scams if you know what to look for.

Jason James
Updated 1 November 2021
Dangers of Fake IRS Emails & Calls & How to Protect Yourself

Phishing Statistics 2021

90% of data breaches are caused by phishing
3.4 billion phishing emails are sent every day

1.4 million phishing websites are created every month

Source: Digital InTheRound, 2021

Sections on this page
  1. Fake IRS Emails
  2. Fake IRS Websites
  3. Fake IRS Phone Calls
  4. Extra Protection Against IRS Impersonators

Anyone can find themselves dealing with the Internal Revenue Service (IRS)—whether it's filing a tax return, enduring an audit, or paying estimated taxes. Unfortunately, scammers capitalize on the IRS being so well-known and trusted by millions of Americans, impersonating the government agency to steal your information and money. Some of the most common scams to be aware of involve fake IRS emails and phone calls.

Fake IRS Emails

This scam begins with scammer-sent emails, with subject headers that may include "Automatic Income Tax Reminder" or "Electronic Tax Return Reminder," among other variations. Although at first glance, the sender appears to be the IRS—it isn't.

Fake IRS email.
Example of a fake IRS email designed to trick you into clicking a link.

According to the IRS, the agency DOES NOT send:

  • Unsolicited emails
  • Emails about tax refund statuses
  • Emails asking for PINs or passwords
  • Emails requesting bank or credit card information
Chuck Rettig, IRS Commissioner

The IRS does not send emails about your tax refund or sensitive financial information… This latest scheme is yet another reminder that tax scams are a year-round business for thieves. We urge you to be on-guard at all times.

Don't Open Attachments or Click on Links

The scammer's goal here is to get you to open an attachment or click on links within the fake IRS email—don't do either. The attachment is likely loaded with malware is installed onto your device once you open it. Once installed, scammers can track your every keystroke, paying specific attention to passwords and usernames for your online banking and credit card accounts.

Variation of Email Scam

A popular variation of the IRS email impersonation is known as the "tax transcript" email scam. The email presents itself as part of "IRS Online" and routinely includes the subject line "Tax Account Transcript" or a variation. Like with other email scams, the scammer's goal is to get you to click a link within the email to unleash malware onto your device. DON'T click the link.

If you receive an email you suspect is fraudulent, the IRS recommends the following:

  • Don't reply.
  • Don't open any attachments.
  • Don't open any links.
  • Forward the email, as is—preferably with its full email header—to [email protected].
  • Delete the original email.

Fake IRS Websites

The scam emails include links directing you to the scammer's websites that look like official IRS websites.

In some cases, the email includes a "temporary" or "one-time" password to supposedly access your account on the phony site.

Once you've "logged in" to the phony website's portal with that "temporary" password, you will have activated the malware the scammers had lying in-wait. And then the heist takes place, with scammers transferring funds from your accounts, racking up cash advances, and even changing your password to lock you out.

Always Check the URL

The URL of the IRS website should include "irs.gov" as the primary domain. If you've landed on a fake IRS website with a different URL, close the window and don't enter any information.

Fake IRS Phone Calls

Scammers also impersonate the IRS over the phone. In one version of a telephone scam, the scammer will try tricking you into giving out your Social Security number (SSN) and other personal information.

But in the extortion version, scammers will lead you to believe you have taxes overdue and demand the payment of a fine immediately to avoid arrest. The scammers will often request payment by non-traceable methods, such as:

Example IRS Scam Call (Robocall)

The reason of this call is to inform you that the IRS is filing lawsuit against you. This call is an emergency and time sensitive. We are calling from investigation team of IRS. Please call this number back. 

Some of the most frequently used tactics used by IRS imposters include:

  • Fake names and IRS badge numbers to identify themselves.
  • Knowing the last four digits of your Social Security number.
  • A spoofed caller ID to make the phone number appear as if it's the genuine IRS.
  • Bogus IRS emails sent to you to support their bogus calls.
  • Fake background noise of other IRS calls to mimic a legitimate IRS call center.
  • After threatening victims with jail time, scammers hang up. Others soon call back pretending to be from local law enforcement agencies, spoofing their caller ID to make you think it's legit.

In reality, the IRS doesn't threaten taxpayers with arrest by phone or demand payment debit cards or money transfer services. Instead, if you have an overdue amount, the agency will send you a bill by mail. Payments for outstanding taxes should be made by check to "U.S. Treasury" or through the official IRS government web portal at IRS.gov.

What to Do If You Receive a Suspicious or Fake IRS Call

If you received a suspicious call from someone claiming to be the IRS, don't engage with the scammer, but make a note of:

  • The date and time of call(s) or message(s).
  • The telephone number call appears to be from.
  • The telephone number the scammer directs you to call.
  • The name and title the scammer they used to introduce themselves.
  • What the scammer claimed to call about.

In addition, keep in mind these DOs and DON'Ts:

  •  DON'T answer the call.
  •  DON'T make any payments or disclose passwords or personal information.
  •  DON'T call back a missed call or message.
  •  DO hang up if you've answered a suspicious call.
  •  DO report the suspected fraud via email to the IRS at [email protected].
  •  DO report the suspected fraud to the Treasury Inspector General for Tax Administration (TIGTA) through the online portal or by calling (800) 366-4484.

The IRS is a part of the U.S. Department of the Treasury, while the Treasury Inspector General for Tax Administration (TIGTA) is responsible for investigating internal and external crimes involving the Treasury, including the IRS.

Reporting fake IRS emails and calls to the TIGTA is crucial as it can lead to a fraud investigation or add to an investigation already underway—which can ultimately help catch the scammers.

Extra Protection Against IRS Impersonators

Remember that if you receive an email from the IRS, don't click on any links or open attachments. However, if you happen to enter your information on a fake IRS website or open an attachment, you can still protect your accounts and money from scammers.

Enable Two-Factor Authentication

Two-factor authentication (2FA) is available through most major online banks and credit card companies. While it may seem a hassle to set up or use, doing so can stop thieves from emptying your bank accounts or charging thousands of dollars to your credit card.

2FA creates a second level of protection for your accounts. When you log in to your accounts, you'll be required to enter a one-time code (in addition to your password) that is sent to your email or cell phone.

From Wells Fargo

Two-factor authentication, also known as “2FA”, is a method of identity verification using two different factors, such as a password (something you know) and a security token or one-time verification code sent to your mobile device (something you have). Companies use this method because it is more effective in protecting against unauthorized account access than a password alone.

If you receive a two-factor authentication code, but you weren't trying to log into your associated account, it's a sign that someone else is trying to log in.

Security/Challenge Questions

Other security measures can include answering previously established "challenge questions." Questions may include things like, "What was your first elementary school?" or "What was the first car you owned?" They should be questions with answers that would be hard for others to guess.

Be Careful What You Post on Social Media

Your social media profiles and posts (on Facebook, Instagram, Twitter, and elsewhere) may innocently be broadcasting the details from your life that end up as answers to challenge questions. So be careful what you disclose on social media, especially if your profiles are public.

Protection Against Malware

Well-known software anti-virus companies, including McAfee and Norton, offer solutions for removing malware, but awareness is key to protecting your accounts and money. The Federal Trade Commission (FTC) points out that you may have malware installed and running on your device if it:

  • Suddenly slows down, crashes or displays repeated error messages
  • Won't shut down or restart
  • Won't let you remove software
  • Serves up a lot of pop-ups, inappropriate ads, or ads that interfere with page content
  • Shows ads in places you typically wouldn't see them, like government websites
  • Shows new and unexpected toolbars or icons in your browser or on your desktop
  • Uses a new default search engine or displays new tabs or websites you didn't open
  • Keeps changing your browser's default home page
  • Sends emails you didn't write
  • Runs out of battery faster than it should


Featured Reads