This IS a phish story: The IRS is again warning taxpayers to beware of scammers posing as the federal tax agency to elicit personal information such as Social Security and bank account numbers - via e-mails, telephone calls, online social media sites, faxes and phony Web sites.
The IRS says these thieves, engaging in an Internet practice known as "phishing," increase in number during tax filing season, which is now under way.
To illustrate the extent of the problem, the IRS said in March 2008, that taxpayers had forwarded more than 33,000 suspect e-mails to it in the previous two years at email@example.com.
"Most scams impersonating the IRS are identity theft schemes," the agency said in a recent announcement.
The agency says it does not send unsolicited e-mails to taxpayers, use the Internet to obtain information such as credit card or bank account numbers, and does not discuss such details with taxpayers in e-mails - even if the taxpayer has e-filed.
E-mails purporting to come from the IRS or its parent Department of the Treasury sometimes claim that the recipient is due a refund or that the recipient faces a penalty of some sort.
In either case, the e-mails claim that personal information is needed before funds can be disbursed or a penalty avoided. "These criminals use the information obtained to empty the victims' bank accounts, run up credit card charges and apply for loans or credit in the victims' names," the IRS warned.
Often, the IRS said, a phishing e-mail will direct a recipient to click on a link to a Web site that looks official but is not, and then directs the victim to enter personal information on that site. All legitimate IRS Web sites begin with http://www.irs.gov.
Jonathan Ezor, an assistant professor and director of Touro Law Center's Institute for Business, Law and Technology in Central Islip, says scammers often incorporate official Web addresses into their own, including ".gov" to lure victims.
Doug Salane, director of the Center for Cybercrime Studies at John Jay College of Criminal Justice in Manhattan, advises confining financial transactions to browsers primarily used for that purpose. "Don't use the one your kids are using to play games on," he says.