
Phishing email targets victims with threats of legal action for fake IRS tax invoices
A new Internal Revenue Service (IRS) themed phishing email scam is attempting to scare victims into paying a fake income tax invoice by threatening legal action. The scam impersonates the IRS and is targeting Microsoft Office email boxes with a spoofed email address.
So far, the attack his targeted 50,000 to 70,000 emails.
Messaging in the IRS themed phishing scam attempts to scare the target into acting. It contains fake information about a non-existent overdue tax balance as well as court docket number and police warrant information. These details are included to make the notification seem more realistic.
The text in the body of the email also claims that the IRS has previously attempted to contact the victim. All of the information in the email, even though they are fake, helps increase the chances the victim will be tricked into paying a fraudulent $1450.61 overdue tax bill says cyber security researchers at Abnormal Security.

In addition, the email appears to originate from an irs.gov email address. However, the email is spoofed and is actually sent from an email address at httpx://shoesbagsall . com.
The victim is directed to reply to the email to get payment instructions. Replying to this IRS scam will only confirm to the attacker that the victim’s email address is valid and active.
If the target is fooled by the email and sends a reply, then the attacker forwards payment instructions. At the very least, the attacker confirms but they have a valid email address for use in future scams. If the victim pays the invoice, then the attacker can steal the money and possibly the victim’s payment information.
How to protect yourself from IRS scams
Read our guide on how to Avoid an IRS Tax Scam
- The Internal Revenue Service or IRS never initiates contact with taxpayers using email. The agency always sends invoices an initial contact through US Postal Mail (USPS)
- Always scrutinize the contents of any email before clicking on links or downloading an attachment
- Be suspicious of any email that prompts you to act right away. Scare tactics are common. This includes email notifications for login attempts, password resets, locked accounts, and order notifications.
There are all types of phishing scams circulating that impersonate companies from every industry. Another common email phishing scam making the rounds online impersonates Amazon order confirmations. With the increase in sales during the holiday season, Amazon Prime shoppers are accustomed to seeing order notifications and delivery updates in their email inboxes. Never click on a link in email to check on an existing order. Even if you know it’s legitimate. go to your Amazon account online or in the app and check your order status from there.