Scam exploits Treasury e-payment system

The IRS is warning taxpayers about a new e-mail scam that uses the Treasury Department's Electronic Federal Tax Payment System as a hook to lure individuals into disclosing their personal information.

The system, which is used by more than 6 million taxpayers, lets businesses and individuals pay their federal taxes online or by phone.

The new e-mail scam, which contains grammatical errors and typos, resembles a page from and claims to be from the "IRS Antifraud Comission" (sic), a fictitious group. The e-mail claims someone has enrolled the taxpayer's credit card in EFTPS and has tried to pay taxes with it. The e-mail also says there have been fraud attempts involving the taxpayer's bank account, and that money was lost and "remaining founds" (sic) are blocked.

Recipients are asked to click on a link that will help them recover their funds, but the subsequent site asks for personal information that thieves could use to steal the taxpayer’s identity, IRS said.

“The IRS does not send out unsolicited e-mails asking for personal information,” said IRS Commissioner Mark Everson in a statement.

The IRS never asks taxpayers for their personal identification numbers, passwords or similar secret access information for their credit card, bank or other financial accounts.

This latest e-mail scam is the first one known to reference EFTPS, IRS said.

The IRS has seen an increase in such scams. Since November, 104 different scams have been identified, with 22 of those coming in June, the most since 40 were identified in March during the height of the filing season.

Tricking consumers into disclosing their personal and financial information, such as secret access data or credit card or bank account numbers, is fraudulent activity that can result in identity theft. Such schemes perpetrated through the Internet are called phishing for information.

Many of these schemes originate outside the United States. To date, investigations by the Treasury inspector general for tax administration have identified sites hosting more than two dozen IRS-related phishing scams. These scam Web sites are located in many countries, including Aruba, China, Italy and Slovakia, as well as the United States.

Other scams claim to come from the IRS, tell recipients that they are due a federal tax refund and direct them to a Web site that appears to be a genuine IRS site. The bogus sites contain forms or interactive Web pages similar to IRS forms or Web pages but which have been modified to request detailed personal and financial information from the e-mail recipients.

The IRS has established an electronic mailbox for taxpayers to send information about suspicious e-mails which claim to come from the IRS. Taxpayers should send the information to: [email protected] The IRS can use the information, URLs and links in the bogus e-mails to trace the hosting Web sites and alert authorities to help shut down these fraudulent sites. More than 8,000 bogus e-mails have been forwarded to the IRS, nearly 1,300 in June alone.

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected