• An Internal Revenue Service (IRS) text scam is circulating to get consumers’ personal information, which may put them at further risk of tax identity crimes. 
  • According to the Federal Trade Commission (FTC), imposter scams were the top reported fraud in 2020. The FTC had approximately 500,000 reports of the scam, leading to an estimated $1.2 billion in lost funds.  
  • People may receive text messages from their tax service but will never get a text message directly from the IRS. (People should still independently check with their filing service because scammers may also spoof tax filing entities.
  • If anyone receives a text claiming to be from the IRS, they should ignore it, not click on any links or attachments, forward the text and originating phone number to the IRS at 202.552.1226 and then delete the text message. 
  • For more information on IRS text scams or if someone believes they are a victim of tax identity theft, they can visit for resources or speak with an advisor toll-free by phone (888.400.5530) or live-chat. 

IRS Text Scam Pops Up on First Day to File

February 12, 2021, is the first day for people to file their 2020 tax returns, and many consumers may receive an email or notification from their tax service that it is time to file. Scammers are trying to take advantage by posing as IRS agents to exploit tax filers. 

The Identity Theft Resource Center (ITRC) has received reports of a new Internal Revenue Service (IRS) text scam that claims “your federal tax return was rejected.” The IRS text scam is designed to get consumers’ personal information, which puts people at additional risk of tax identity theft. Here’s an example of the IRS text scam sent to the ITRC: 

Example of the IRS Text Scam sent to the Identity Theft Resource Center

Government Imposter Scams Continue to Spread 

The IRS text scam is not a new tactic for scammers. Government imposter scams were among the top frauds in 2020 reported by the Federal Trade Commission (FTC). The FTC says that they received nearly 500,000 reports of imposter scams that cost people $1.2 billion, with a median loss of $850. Government and business imposter scams were among the top categories of COVID-19 and stimulus-related reports. 

Cybercriminals Target Tax Season 

Criminals know they can take advantage of tax season by posing as an IRS representative, especially with more Americans likely to receive a Form 1099-G because their state employment office is providing documentation for receipt of unemployment benefits. However, many of those taxpayers may be victims of unemployment benefits fraud because identity thieves received benefits in their name.  

What You Should Do 

The IRS will not text anyone about their tax return. People may receive a text from their tax filer, but never from the IRS. (People should still independently check with their filing service because scammers may also spoof tax filing entities.)  

If anyone gets a text message claiming to be the IRS, they should do the following: 

  1. Do not respond, open any attachments or click on any links. An attachment or a link could contain a malicious code that has the ability to infect someone’s device. 
  1. The IRS asks people to forward the IRS text scam and the originating phone number as-is to  202.552.1226.  
  1. After forwarding the information to the IRS, the original text message should be deleted.  

It is also a good idea to never respond to any unsolicited messages. Instead, consumers should reach out directly to the company or person the message claims to be from to verify the message’s validity. People should also refrain from providing their personal information unless it is necessary or with a trusted organization. 

Contact the ITRC 

Anyone who believes they are the victim of an IRS text scam, tax identity theft, or wants to learn more can visit the ITRC website for additional resources. They can also contact an advisor toll-free by phone (888.400.5530) or by live-chat. All people have to do is visit to get started. 

Phishing attacks are nothing new. However, with scammers increasingly using sophisticated and new methods of harming recipients that experts are not as familiar with, being able to identify a phishing attack has never been more important. They can arrive as emails, texts, social media messages, phone calls or links to websites which appear to come from someone the victim knows or a legitimate business. It might look like a boss or co-worker, someone in an email contact list, a bank or a consumer’s favorite retailer.

Trusted brands are used to provide an air of credibility for scammers, who capitalize on the good reputation and relationships these brands have built. Some brands that have been used in phishing attacks to target consumers include Wells Fargo, Zoom, American Express, Apple and Microsoft. The companies being used are not involved in these scams; in many ways, they are victims of the scammer as much as the targeted consumer.

Every phishing attack has a different goal, depending on what kind of ruse they are using. Some use links or attachments to insert malicious code on the user’s device so they can collect more information. Others attempt to steal people’s personal and business usernames or passwords,  and others still try to get someone to click on a well-disguised link so they can divert them to a place where the user enters even more information that the fraudster will use to his or her benefit. While phishing attacks have different objectives, the attackers’ primary goal is to steal the information needed to scam individuals and businesses.

Fortunately, the age-old advice about avoiding a phishing attack still holds true. These are some things people should keep in mind when trying to identify a phishing attack.

Check the email address and URL to make sure it is not fake

Check unexpected inbound messages very carefully, paying special attention to the sender’s email or website address included in the message; they might notice something strange. If it says “,” for example, it is fake. If the website link is (as an example), instead of the company’s actual web address, again, it is probably fake. Always go back to the source of the email (or in this case, the company that is being represented) and check for alerts about potential scams of which they are already aware. Many times, the company is aware and has posted information about the scam.

Never click on an unknown link or open an unexpected attachment

Received an unexpected email, text, social media message or phone call with a link or an attachment?  Consumers should reach out directly to the purported “source” of the communication to verify the validity of the message before clicking on a link or opening an attachment (as mentioned above). Clicking on a malicious link or opening a bogus attachment could lead to someone’s personal information being stolen or infect the device with malware.

Check the message for grammatical errors and awkward phrasing

Read unexpected messages carefully and with a critical eye. Grammatical errors and awkward language are two quick indicators that the email isn’t sent by the company indicated. In trying to identify a phishing attack, customers should remember that companies do not send out emails or other messages with glaring errors – in most cases, large, reputable companies have teams checking their communications for just those types of issues. Smaller businesses may have a looser communication style, but loyal customers will know if something is “off.”  If someone sees any strange mistakes, that is probably a sign it is a fake. In fact, sometimes spelling mistakes are intentional so that only more gullible recipients will interact.

Never trust the caller ID

Do not go by what the caller ID may say. It is easy for a scammer to change the phone number or screen name to say anything, like “IRS” or “County Sheriff’s Department.” If someone calls with an attempt to verify identity information or demands for some kind of payment, consumers should hang up immediately and initiate contact with the company directly using a verified phone number from a trusted source. Here’s a tip: people should put numbers in their contact list for companies that are used regularly – but name them something only they would identify. For example, list the bank as “Bank on 4th & Main St.” instead of by the bank’s name. That way, if there’s an inbound call from the number, the person receiving the call will know they can trust it.

Remember that in many cases, fraudsters are using websites that look like the companies they are pretending to be. A web search could also bring someone to a potential fraudulent site. People should always treat the search results with the same critical eye as they would these other steps.

Phishing attacks can be confusing because of how close to real they can look or sound. Scam websites, emails, phone calls and text messages that mimic trusted brands will continue. However, by implementing these tips to identify a phishing attack, it will help reduce the risk of falling for a phishing attack.

Anyone with additional questions about phishing attacks, or believes they have been a victim of one, can call the Identity Theft Resource Center toll-free at 888.400.5530 to speak with an expert advisor. They can also use the live-chat feature on the website to get the help they need.

You might also like…