The Internal Revenue Service (IRS) has issued a warning to consumers about an email that appears to come from “IRS Online.” The email is designed to get the recipient to click on an attachment labeled “Tax Account Transcript” or “tax transcript,” which is infected with the Emotet malware.
Tax transcripts are summaries of your tax records and history that you can request online from the IRS (think twice about that, too) if you register with the IRS. Real tax transcripts are available for you to access through a secure link after you register with the IRS. You are allowed to access the tax transcripts—they are not sent to you in an attachment. You should always be suspicious of any email that is supposedly sent by the IRS. According to the IRS, it will never send an unsolicited email, nor will it ever send you a sensitive document like a tax transcript in an email.
The IRS also advises, if you receive an email from IRS Online, don’t click on any links or attachments, but instead forward it to firstname.lastname@example.org and then delete it.
The malware that is embedded in these emails is known as Emotet, which according to US-CERT, is “among the most costly and destructive malware affecting…the private and public sectors.” Therefore, be especially cautious about any emails that look like they are coming from the IRS.