The most important fact to know is that the IRS and the Franchise Tax Board do not initiate contact with taxpayers or request personal or financial information through email!

For more detailed information regarding the latest suspicious e-mails, scams, and identity theft you can go directly to the IRS website at Simply type “Scams” in the search box and you will find the latest news about fraud alerts, how you can avoid becoming a victim and how to report suspicious activity.

The IRS and E-mail

The IRS does not discuss tax account information with taxpayers via e-mail or use e-mail to solicit sensitive financial and personal information from taxpayers such as financial account security information or PIN numbers.

Object of Scams

Most scams impersonating the IRS are identity theft schemes. In this type of scam, the scammer poses as a legitimate institution to trick consumers into revealing personal and financial information, such as passwords and Social Security, PIN, bank account and credit card numbers that can be used to gain access to and steal their bank, credit card or other financial accounts. Attempted identity theft scams that take place via e-mail are known as phishing. Other scams may try to persuade a victim to advance sums of money in the hope of realizing a larger gain. These are known as advance fee scams.

How an Identity Theft Scam Works

Most of the scams that impersonate the IRS are identity theft scams. Typically, a consumer will receive an e-mail that claims to come from the IRS or Treasury Department. The message will contain an enticing or intimidating subject line, such as tax refund, inherited funds or IRS notice. Usually, the message will state that the recipient needs to provide the IRS with information to obtain the refund or avoid some penalty.

The message will instruct the consumer to open an attachment or click on a link in the e-mail. This may lead to an official-looking form to be filled out online or send the taxpayer to a seemingly genuine but bogus IRS Web site. The look-alike site will then contain a phony but genuine-looking online form or interactive application that requires the personal and financial information the scammer can use to commit identity theft.

Alternatively, the clicked link may secretly download malware to the consumer’s computer. Malware is malicious code that can take over the computer’s hard drive, giving the scammer remote access to the computer, or it could look for passwords and other information and send them to the scammer.

Phony Web or Commercial Sites

In many IRS impersonation scams, the scammer sends the consumer to a phony Web site that mimics the appearance of the genuine IRS Web site, This allows the scammer to steer victims to phony interactive forms or applications that appear genuine but require the targeted victim to enter personal and financial information that will be used to commit identity theft.

The official Web site for the Internal Revenue Service is, and all Web page addresses begin with

In addition to Web sites established by scammers, there are commercial Internet sites that often resemble the authentic IRS site or contain some form of the IRS name in the address but end with a .com, .net, .org or other designation instead of .gov. These sites have no connection to the IRS. Consumers may unknowingly visit these sites when searching the Internet to retrieve tax forms, publications and other information from the IRS.

Frequent or Recent Scams

There are a number of scams that impersonate the IRS. Some of them appear with great frequency, particularly during and right after filing season, and recur annually.

• Refund Scam
• Lottery winnings or cash consignment
• Beneficial Owner Form
• Other Known Scams

The contents of other IRS-impersonation scams vary but may claim that the recipient will be paid for participating in an online survey or is under investigation or audit. Some scam e-mails have referenced Recovery-related tax provisions, such as Making Work Pay, or solicited for charitable donations to victims of natural disasters. Taxpayers should beware of an e-mail scam that references underreported income and the recipient’s “tax statement,” since clicking on a link or opening an attachment is known to download malware onto the recipient’s computer.

How to Spot a Scam

Many e-mail scams are fairly sophisticated and hard to detect. However, there are signs to watch for, such as an e-mail that:

• Requests detailed or an unusual amount of personal and/or financial information, such as name, SSN, bank, credit card account numbers, security-related information, and/or mother’s maiden name.

• Dangles bait to get the recipient to respond to the e-mail, such as mentioning a tax refund or offering to pay the recipient to participate in an IRS survey.

• Threatens a consequence for not responding to the e-mail, such as additional taxes or blocking access to the recipient’s funds.

• Gets the Internal Revenue Service or other federal agency names wrong.

• Uses incorrect grammar or odd phrasing (many of the e-mail scams originate overseas and are written by non-native English speakers).

• Uses a really long address in any link contained in the e-mail message or one that does not start with the actual IRS Web site address ( The actual link’s address, or url, is revealed by moving the mouse over the link included in the text of the e-mail.

What to Do

Taxpayers who receive a suspicious e-mail claiming to come from the IRS should take the following steps:

• Avoid opening any attachments to the e-mail

• Avoid clicking on any links

• Visit the IRS Web site ( to use the “Where’s My Refund?” interactive tool to determine if you are really getting a refund

• Do not respond to the email

• Forward the suspicious e-mail or url address to the IRS mailbox, then delete the e-mail from your inbox

Consumers who believe they are or may be victims of identity theft or other scams may visit the U.S. Federal Trade Commission’s Web site for identity theft,, for guidance in what to do. The IRS is one of the sponsors of this site.


The State Controller and FTB Chair John Chiang recently warned taxpayers to protect their personal information and treat any unsolicited emails with caution, and to contact FTB immediately if they have any concerns. State Controller Chiang issued this warning in response to several email scams currently circulating.


An email masquerading as an offer to check the status of your client’s state income tax refund is actually “phishing” for taxpayer data. Scams of this nature attempt to lure people into revealing personal and financial information, such as bank account, credit card, or Social Security numbers, which may be used to steal that taxpayer’s identity.

Phony audits

The second scam involves a phony letter informing the taxpayer that his or her tax return may be audited. The letter refers the taxpayer to a phony FTB address in Georgia. Both the email and the letter contain misspellings and grammatical errors. Taxpayers who receive such a notice should contact FTB at (800) 852-5711.

Bogus corporate fee

In this scheme, corporations receive a letter from a “Compliance Annual Minutes Board” citing California Corporation Code Sections (1500, 600, 9510), and asking letter recipients to pay an “annual fee” of $150. The sender’s address is PO Box 9011 Temecula, CA 92589. This letter is not from the State of California, and corporations are not required to file “annual minutes” with the non-existent “Annual Minutes Board.” If your clients receive such a letter, they are under no obligation to respond.

The information published above was provided in part by the IRS and FTB and can be viewed on their official websites at and