February 26, 2019

Fake CEO emails are only one type of phishing attack to look out for as you prepare your tax return this year. Emails that appear to be directly from the Internal Revenue Service could reach your inbox and prey upon your sense of fear as the deadline to file approaches. Here are three ways to spot an IRS phishing email scam:

1.    Emails that promise a big refund or threaten you with a large tax bill 

IRS Commissioner John Koskinen says that “these schemes continue to evolve and can fool even the most cautious person.” 

Don’t be tricked by these types of emails. “That’s not how the IRS communicates with taxpayers,” Koskinen warned. 

The IRS doesn't initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.” 

Report it to phishing@vumc.org and delete it.

 

2.    Emails that don’t call you by your name

     When an email addresses you as “Sir,” “Madame,” or “Taxpayer,” this is an immediate tipoff that you have not been contacted by the Internal Revenue Service

     The Internal Revenue Service knows who you are and what your name is.

Report it to phishing@vumc.org and delete it. 

 

3.    Emails that are disrespectful, abusive and harassing

     Taxpayers have fundamental rights when it comes to dealing with the IRS. These rights are known as the Taxpayer Bill of Rights. Take a look and understand what your rights are, and when your rights are being deprived or outright ignored.

Report it to phishing@vumc.org and delete it.

Report IRS phishing attempts to phishing@irs.gov. Forward any phishing attempts you receive at the Medical Center to phishing@vumc.org.


Tax season is a time to be especially cautious and vigilant when it comes to the emails you receive and open. Remember the five tips for spotting an email phishing attempt and avoid being the victim of IRS tax season email fraud.  

VUMC is protecting your personal information by requiring Multi-Factor Authentication, an extra layer of authentication, to access your tax information in C2HR. Enroll now using the MFA Configuration Assistant at https://mymfa.app.vumc.org/, or visit  www.vumc.org/enterprisecybersecurity/mfa for more information.