Identity Thieves Use Tax Season To Go 'phishing'

By G. Patrick Kelley

October 19, 2007 4 min read


Identity thieves use tax season to go 'phishing'

G. Patrick Kelley

Copley News Service

As much as you hate it, the Internal Revenue Service is part of the U.S. government.

That's also a safeguard. The one and only Internet address for the IRS is

The ".gov" is the important part. It designates government Web sites.

Anyone can have a site with an address that ends in ".com," ".net" or ".org," but they're not your federal government. State government sites aren't so easy. Most of them end with ".state.(state abbreviation).us," but some have other extensions.

"There is one legitimate IRS site -," IRS Commissioner Mark W. Everson said in a statement. "Always check carefully and make sure you know what Web site you are using."

Because .com, .net and .org are such common parts of Internet addresses, taxpayers may inadvertently type the wrong extensions, instead of .gov, into the address when trying to find the IRS Web site.

It's an issue right now, during tax season, because of ongoing Internet scam where consumers receive an e-mail informing them of a federal tax refund.

It's a "phishing" expedition. Phishing is a scam in which e-mails are sent to users claiming to be a legitimate enterprise in an attempt to persuade the user to give information that will be used for identity theft and fraud.

In the IRS scam, the e-mail claims to be from the IRS and directs the consumer to a link - often a Web site resembling the IRS Web site - that requests personal and financial information, such as Social Security number and credit card information.

That information is then used to steal the taxpayer's identity and financial assets. Identity thieves usually take personal data to steal financial accounts, run up charges on the victim's credit cards, apply for new loans, credit cards, services or benefits in the victim's name and even file fraudulent tax returns.

Taxpayers who receive an unsolicited e-mail supposedly from the IRS should never click on any links in the message, open any attachments or provide any personal or financial information to the sender.

Although the IRS Web site offers interactive features, the tax or private financial information needed is extremely limited. Taxpayers can contact the IRS at 1-800-829-1040 to find out if the agency is trying to make contact about a tax refund.


- Ignore e-mails that warn about fraudulent charges to your account or claim that your bank account or credit card account will be shut down unless you reconfirm certain information.

- Do not reply or click on the link in the e-mail. If you're worried the e-mail might be legit, call the company using a telephone number listed on your account statement or bill.

- Pay attention to the Web address. Most legitimate sites will have a relatively short Internet address that usually ends with .com or .org. Phishing sites are more likely to have an excessively long line of characters in the Web address with the legitimate business name included somewhere in the string, or possibly not at all.

- Forward any suspect e-mails to [email protected]

- If you believe you've been scammed, file your complaint at and then visit the FTC's identity theft Web site for tips on minimizing the damage from identity theft.

- You should also contact your police or sheriff''s department, and file a complaint with the FBI's Internet Fraud Complaint Center at

Sources: Federal Trade Commission and FBI

Visit Copley News Service at

Like it? Share it!

  • 0