IRS Warns of Phishing for Dot EDU Email Users



Phishing for EDU Email UsersThe Internal Revenue Service (IRS) has issued an alert warning about a phishing scam targeting university students. A link in the emails leads to a phishing site that asks users to enter their Social Security number, name, date of birth, prior year Annual Gross Income, driver's license number, address, and electronic filing PIN.

“The Internal Revenue Service today warned of an ongoing IRS-impersonation scam that appears to primarily target educational institutions, including students and staff who have ‘.edu’ email addresses,” the alert states. “The IRS' phishing@irs.gov has received complaints about the impersonation scam in recent weeks from people with email addresses ending in ‘.edu.’ The phishing emails appear to target university and college students from both public and private, profit and non-profit institutions. Taxpayers who believe they have a pending refund can easily check on its status at Where's My Refund? on IRS.gov. The suspect emails display the IRS logo and use various subject lines such as ‘Tax Refund Payment’ or ‘Recalculation of your tax refund payment.’ It asks people to click a link and submit a form to claim their refund.”

The IRS says recipients of the email can report the scam to the IRS without clicking on the link.

“People who receive this scam email should not click on the link in the email, but they can report it to the IRS,” the alert says. “For security reasons, save the email using "save as" and then send that attachment to phishing@irs.gov or forward the email as an attachment to phishing@irs.gov. The Treasury Inspector General for Tax Administration (TIGTA) and IRS Criminal Investigation have been notified.”

The IRS also recommends mitigations for people who may have fallen for the scam.

“Taxpayers who believe they may have provided identity thieves with this information should consider immediately obtaining an Identity Protection PIN,” the IRS says. “This is a voluntary opt-in program. An IP PIN is a six-digit number that helps prevent identity thieves from filing fraudulent tax returns in the victim's name. Taxpayers who attempt to e-file their tax return and find it rejected because a return with their SSN already has been filed should file a Form 14039, Identity Theft Affidavit PDF, to report themselves as a possible identity theft victim. See Identity Theft Central to learn about the signs of identity theft and actions to take.”

New-school security awareness training can help your employees recognize phishing and other social engineering tactics.

The IRS has the story.


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer

Topics: Phishing



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews