The department of Internal Revenue Service (IRS) the United States has reported an Email phishing scam. This Friday, a report has been published by IRS on its official website. IRS has warned the tax professionals about this Email Phishing scam. Email Phishing scammers are sending fake tax professional emails. Through these emails, scammers are asking tax professionals to update their e-service accounts. These phishing emails are a trap, which are redirecting tax professionals to a third party phishing website.

What is a Phishing Website?

A Phishing website looks like a legitimate website of any particular brand, organization, and company. Scammers are using these type of websites to collect personal information of users such as username, password, SSN (Social Security Number), Credit card information, Residential Address, Contact Number, Personal Emails, Security Questions and PIN (Personal Identification Number). They could use this information to hijack users other online social media accounts and financial accounts. Scammers often use that domain names for phishing websites, which are looking similar to the domains of genuine websites. For example, "www.bankofamerica.com" is the domain name of official Bank of America’s official website. Scammers could use "www.verifyaccountbankofamerica.com" to manipulate the users of Bank of America.

The content of Phishing Email?

Scammers are sending a well-designed email to tax professionals. The fake email contains logos of IRS (Internal Revenue Service) and its E-services. Both the logos are hyperlinks, which are redirecting users to a malicious website. A registration form has been setup by scammers on a phishing website. The main motive of scammers behind this email scam is to steal login credentials of IRS accounts of users.

Subject Line of Email: “Security Awareness For Tax Professionals”

Scammers are writing in the email that their user accounts had been compromised by hackers in 2015. This is a security update and you can reset your account to save your data from hackers. A link has been given by the scammers which is also redirecting users to the same phishing website.

Security Tips for IRS Users

• If you are an e-services user and you are getting such types of emails, don’t click on logos and hyperlinks.

• If you have any query related to our account, contact the real help desk of IRS.

• If you have filled the registration form of that phishing website, then change your password immediately.

• If you are using same username and password for other online accounts, reset all the account as soon as possible.

• Always visit the official website of IRS to logging in to your E-Services account.

• Use pro version of email security tools to detect these type of phishing emails.

• If you are getting any email which claims to be from IRS, forward it to phishing@irs.gov. It will help the organization to investigate this scam.

Wix.Com DOM Based XSS Vulnerability Put 86 Million Websites At Risk!​