Other ways to search: Events Calendar | UTHSC

SPAR – Cybersecurity Scam of the Week – Tax Season and IRS Scams


It’s that time again when we all dread finding out if we owe money or not. And cybercriminals are banking on it with a wide range of scams that all impersonate the IRS.

The IRS has posted details about phishing attacks that impersonate them for years, and yet, individuals continue to fall for these scams, mostly due to their ignorance about how the IRS contacts people.

The IRS has taken steps to not just let you know what to expect should they reach out, but they even go as far as to spell out for you the types of tax scams you should be mindful of.

Most of the current scams revolve around simple premises that are designed to both get your attention and strike a little fear into you.

  • “We’ll cancel your Social Security number”
  • “This is the Bureau of Tax Enforcement, and we’re putting a lien or levy on your assets”
  • “If you don’t call us back, you’ll be arrested”

These scams are usually intent on stealing personal data or payment details. So, there are a few things you can do to ensure you’re protected:

  1. Pay attention to how they contact you – the IRS doesn’t call, text, email, leave voicemails, or reach out to you via social media. They send you a letter in the mail. That’s it.
  2. They don’t ask for payment over the phone – Not credit cards, and most certainly not gift cards!
  3. They can’t arrest you, etc. – There is a taxpayer’s bill of rights, an appeal process, etc. Jumping right to arresting you is downright foolishness.

What else has been reported to abuse@uthsc.edu this past week?

  • [Ext] Extra Income – a too good to be true scheme with a little pull at the heartstrings – work part-time for UNICEF for $450
  • [Ext] Response. – yep, that’s it. The Subject line just said “Response”. But the lovely email written, by someone who didn’t know English very well, wanted to talk to you after getting your full name, home address, phone number, date of birth, and occupation.
  • [Ext] Re: Your Microsoft account is expired! – you have to love the “!”. The email also had three separate links for a person to click on to “log in”. Classic credential-stealing scam.
  • [Ext] For Your Attention – another classic scam – you have the same last name as someone who “died intestate and left behind an estate worth millions”
  • [Ext] UFN #: 618894-6684 | Subscription-eReceipt – McAfee’s version of an auto-renewal scam. The only way to dispute the charge is to call a phone number listed in the phish.
  • [Ext] REQUEST: process almost complete – a password expiration scam that didn’t come from Microsoft or UTHSC
  • [Ext] New 1 page Fax for Uthsc – wanting the recipient to click on an attachment he wasn’t expecting

Keep reporting suspicious emails to abuse@uthsc.edu for examination and any other questions for the Office of Cybersecurity should utilize TechConnect to report an incident.