Be Alert to Tax Season Scams

Taxpayer scams occur throughout the year, many of which peak during tax-filing season.  Examples of scams targeting taxpayers include:

  • Form W-2 email phishing scams in which cyber criminals trick payroll and human resource officials into disclosing employee names, social security numbers and income information by disguising themselves as a company executive.The criminals then attempt to file fraudulent tax returns for tax refunds or commit identity theft.

  • Fake emails purporting to be from the Internal Revenue Service (IRS) or others in the tax industry, including software companies that seek information related to refunds, filing status, confirming personal information, and verifying personal identification numbers.Variation of the scams also come through text messages.

  • Phone calls by criminals impersonating IRS agents and threatening you with police arrest, deportation, license revocation, and other penalties if you don't pay a bogus tax bill.

The IRS does not initiate contact with taxpayers by email, text messages, or social media channels to request personal or financial information.  This includes requests for personal identification numbers, passwords, or similar access information for credit cards, banks, or other financial accounts.  The IRS will never call to demand an immediate payment or threaten to involve law enforcement.

If you receive an unsolicited communication from the IRS -- do not act on it.  Suspected phishing emails should be forwarded directly to the IRS at [email protected]  and then deleted.  Further information and instructions may be found by visiting the Reporting Phishing and Online Scams page on the IRS website at https://www.irs.gov/privacy-disclosure/report-phishing.

Scams occur all year round, remain alert and as a reminder:

  • DO NOT reply to an email with any personal information or passwords; call the organization directly to verify that the email is legitimate.

  • DO NOT click a link in an unsolicited email; type the organization's web address into your web browser to verify legitimacy.

For more cyber security resources and tips, visit:

For more phishing awareness information visit the EISO resources page: https://its.ny.gov/resources