The US Internal Revenue Service (IRS) has issued an alert warning of a significant rise in text message phishing scams (smishing) impersonating the IRS since the beginning of the year.
“So far in 2022, the IRS has identified and reported thousands of fraudulent domains tied to multiple MMS/SMS/text scams (known as smishing) targeting taxpayers,” the alert says. “In recent months, and especially in the last few weeks, IRS-themed smishing has increased exponentially. Smishing campaigns target mobile phone users, and the scam messages often look like they're coming from the IRS, offering lures like fake COVID relief, tax credits or help setting up an IRS online account. Recipients of these IRS-related scams can report them to firstname.lastname@example.org.”
IRS Commissioner Chuck Rettig said in a statement, “This is phishing on an industrial scale so thousands of people can be at risk of receiving these scam messages. In recent months, the IRS has reported multiple large-scale smishing campaigns that have delivered thousands – and even hundreds of thousands – of IRS-themed messages in hours or a few days, far exceeding previous levels of activity.”
The alert adds that the IRS will not send messages asking for personal or financial details, and users should be suspicious of any emails, phone calls, or text messages that ask for this information.
“In the latest activity, the scam texts often ask taxpayers to click a link where phishing websites will try to collect their information or potentially send malicious code onto their phones,” the alert says. “The IRS does not send emails or text messages asking for personal or financial information or account numbers. These messages should all be red flags for taxpayers.”
New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for these types of scams.
The IRS has the story.