The Internal Revenue Service is warning Americans against a recent rise of smishing attacks—phishing through text messages—identifying thousands of fraudulent domains that are targeting taxpayers through fake COVID relief, tax credits, or even help with setting up an IRS online account.
“This is phishing on an industrial scale so thousands of people can be at risk of receiving these scam messages,” said IRS Commissioner Chuck Rettig, prompting the agency to publish the news release. “In recent months, the IRS has reported multiple large-scale smishing campaigns that have delivered thousands—and even hundreds of thousands—of IRS-themed messages in hours or a few days, far exceeding previous levels of activity.”
During the last few weeks, the frequency of IRS-themed attacks, aimed at stealing personal and financial information, has increased exponentially. The messages look like they come from the agency.
Scammers send out texts that direct citizens to click on links to fraudulent websites, identical to legitimate ones, which collect sensitive financial and personal information or potentially install malicious code into their devices.
The IRS does not send emails or text messages asking for such information. Recipients of the scams can report them to phishing@irs.gov. Reporting on such incidents can help the agency identify more of these websites and related messages, and assist in protecting other taxpayers.
Phishing is the most common online scam,…
