The IRS* called me recently and left a message on my phone.
Apparently, they issued a warrant for my arrest and plan to notify the local police to find and arrest me if I don’t pay them an unspecified sum. They asked me to call them immediately to avoid these actions.
Gratefully, I recognized this as a long-running scam. The Federal Trade Commission (FTC) points out a few facts about the IRS.
- If the IRS needs to contact you, they’ll do it by mail first.
- The IRS won’t demand personal information like credit card or Social Security numbers over the phone.
- The IRS won’t threaten to arrest or sue you, or demand that you pay right away. The IRS also won’t tell you to use a specific form of payment like a money transfer from MoneyGram or Western Union, a cash reload from MoneyPak or Reloadit, or a gift card from iTunes or Amazon. Scammers ask you to use those ways to pay because they’re hard to track or cancel payments.
If you’re aware of cybersecurity techniques used by criminals, this may not be news to you. However, this scam frequently targets the elderly and people who don’t work with computers much. Share this information with them so that won’t be fooled.
* The Internal Revenue Service (IRS) doesn’t call you.
Holiday Scams and Malware Campaigns
Of course, criminals don’t just use the phone to trick users. Here’s some valuable information shared by US-CERT:
As the holidays approach, the Cybersecurity and Infrastructure Security Agency (CISA) reminds users to be aware of seasonal scams and malware campaigns. Users should be cautious of unsolicited emails that contain malicious links or attachments with malware, advertisements infected with malware, and requests for donations from fraudulent charitable organizations, which could result in security breaches, identify theft, or financial loss.
CISA recommends the following actions:
- Use caution when browsing the internet, shopping online, and using email.
- Avoid clicking on links or opening attachments in unsolicited emails. See Avoiding Social Engineering and Phishing Attacks for more information.
- Be wary of fraudulent social media pleas, calls, texts, websites, and door-to-door solicitations for donations to charities. See How to Donate Wisely and Avoid Charity Scams for more information.
If you believe you are a victim of a scam or malware campaign, consider the following actions:
- Contact your financial institution immediately, and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. See Preventing and Responding to Identity Theft for more information.
- Immediately change any passwords you might have revealed. Avoid reusing passwords. See Choosing and Protecting Passwords for more information.
- Report the attack to the police, and file reports with the Federal Trade Commission and the FBI’s Internet Crime Complaint Center.