The agency, a division of the U.S. Treasury Department, asked victims to forward the malicious emails to a provided email address. The IRS was clear, however, that PC users should forward the emails without opening them, as they may contain malicious code.
"Also, the IRS does not request detailed personal information through email or ask taxpayers for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts," warned an advisory on the IRS website.
The agency also included instructions for sending the email to the agency via Microsoft Outlook, Outlook Express, Mulberry, Netscape and Mozilla Thunderbird.
Sophos, citing the company's February survey that 58 percent of people receive a phishing email every day, commended the IRS for providing an email address to turn in phishers.
"These phishing emails typically point you to a bogus website that looks just like the real IRS website, but is really designed to steal information from you," said Graham Cluley, senior technology consultant for Sophos. "Taxpayers and other online surfers need to be very careful about which emails they trust and what websites they visit or they could end up with a large hole in their finances."
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
