A recent McAfee security blog posting reveals data that scammers attempting to pull off phishing schemes based on the IRS and tax time are off to an early and record-setting start. In fact, stats from McAfee Labs show that more than 1500 domains hosted IRS phishing scams this past February, which eclipsed the high-water mark of more than 800 seen in April of 2009.
McAfee warns that this cluster of “fake IRS URLs” can be arrived at from many avenues: phishing emails, posting of URLs on various forums, and black-hat SEO manipulation, just to name a few. According to the company’s data, the volume of malicious sites hosting IRS and tax scams has already eclipsed that of 2009, this with more than two weeks left until the April 15 IRS deadline.
The IRS does provide a Consumer Alerts page that reviews some of the latest and most notorious tax season flimflam. The site lists a number of scams that the IRS has encountered, and acknowledges that many of the bogus communications – especially emails – can look very official, especially when they make use of the IRS logo. However, the IRS warns users that there is only one official IRS website, IRS.gov, and that the service will never initiate contact with taxpayers via email.