If you receive an email claiming to be from the IRS, Treasury, and/or is tax-related that you believe is suspicious:
- Do not reply. If you reply the phisher may send you a follow-up email that contains a malicious URL and/or malicious attachment.
- Do not click, save or open any attachments. Attachments may contain malicious code that will infect your computer.
- Do not click on any links. If you clicked on a link in an IRS, Treasury or tax-related phishing email, and then entered your personal or financial information, please visit our identity protection page.
Please include the full email headers of the original communication that you received using one of the below methods:
- Save the email as a file on your Desktop, create a new email, attach the email file you saved on your Desktop to the email you created and send to email@example.com
- Select Forward as attachment - provided your email client supports this option - to firstname.lastname@example.org
- To obtain the email header please follow the instructions found here http://mxtoolbox.com/Public/Content/EmailHeaders/ and then send to email@example.com
If the above methods do not work, at a minimum, please send the underlying URL of the phishing website to firstname.lastname@example.org.
The raw text of the email and/or the URL of the website is preferred over screenshots.
The IRS uses the information you provide to alert service providers to help shut down the fraudulent sites, email addresses, etc.