The Internal Revenue Service has issued an URGENT alert to taxpayers and tax professionals to avoid a new phishing scam that impersonates the IRS and the FBI in an attempt to hold computer data hostage for a ransom.
Successful ransomware attacks encrypt the data and files on your computer denying you access to your important information, and often, access to the computer itself. Such attacks typically demand a ransom be paid (often via BitCoin) in order to obtain the decryption key.
This scam email is using the emblems of both the IRS and the Federal Bureau of Investigation. It tries to entice users to select a "here" link to download a fake FBI questionnaire. Instead the link downloads the ransomware. With no warning, those clicking the link will lose access to their data.
"This is a new twist on an old scheme," said IRS Commissioner John Koskinen. "People should stay vigilant against email scams that try to impersonate the IRS and other agencies that try to lure you into clicking a link or opening an attachment. People with a tax issue won't get their first contact from the IRS with a threatening email or phone call."
According to the IRS, victims should not pay a ransom. Paying it further encourages the criminals, and frequently the scammers won't provide the decryption key even after a ransom is paid.
Remember: The IRS does not use email, text messages or social media to discuss personal tax issues, such as those involving bills or refunds.
— Thu, Aug 31, 2017 @ 8:24am