Don’t take the bait: Recognize and Avoid Phishing Scams

This holiday season don’t let the cyber grinches steal your money or your identity.

The Internal Revenue Service, state tax agencies and the nation’s tax industry are working together to protect taxpayers from stolen identity refund fraud. All this week, the Security Summit partners will be sharing tips as part of the National Tax Security Awareness Week. But the partners need your help.

Here’s what you need to know to protect yourself from phishing scams:

First, the most common way thieves steal your identity is simply by asking for it. Their favorite tactic is a phishing email. Phishing emails bait you into opening them. They pose as a trusted company – maybe your bank, a favorite retailer or your tax provider.

Second, learn to recognize and avoid them. The scams tell an urgent story – i.e. there’s a problem with your account – and instructs the receiver to open an embedded link or download an attachment.

Third, don’t take the bait. The link may send you to a familiar website to login, but your username and password goes to the thieves. Or, the scam suggests you open an attachment, which secretly downloads malicious software. Either are bad news. Just hit delete.

And no, that’s not the IRS calling with demands of payment and threats of jail or a lawsuit. The IRS does not make angry, threatening phone calls. Nor does the IRS request payment via gift cards or debit cards, like iTunes cards. Always make your payment to the U.S. Treasury.