IRS warns of latest email scam meant to pick your (email) pocket

A number of cyber-criminals have clearly decided that if they’re going to pick a pocket, they're going to make it a deep one. U.S. taxpayers in the aggregate comprise the deepest pockets around, and the latest scam about which the IRS is warning taxpayers is fake e-mails containing notices used by the IRS to inform taxpayers of tax under-reporting - with an attached demand for payment.

The CP2000 notice (Automated Underreporter Program) is used when income a taxpayer receives from a third party doesn’t match the income reported on your tax return. As with all other such IRS communications, a CP2000 is not sent via e-mail. Ever. U.S. Mail is the delivery method. Nevertheless, the phony CP2000 notices are arriving via inboxes in the form of tax “bills” related to the Affordable Care Act for tax year 2015.

The IRS says, apart from the fact that the phony bills are sent electronically (which the IRS doesn’t do), the IRS says these elements are, at present, common about the “notices”:

  • The CP2000 notices appear to be issued from an Austin, Texas, address;
  • The underreported issue is related to the Affordable Care Act (ACA) requesting information regarding 2014 coverage;
  • The payment voucher lists the letter number as 105C.

The e-mails direct that payment checks must be mailed to the “I.R.S.” at the “Austin Processing Center” at a P.O. Box in Austin. There is also, says the IRS, a “payment” link within the e-mail. The scammers are also asking that checks be made out to the IRS, which is another indication that skullduggery is afoot. The proper procedure is to make checks, when payment is indeed legitimately owed, to the U.S. Treasury.

IRS information about CP2000 notices is available at Understanding Your CP2000 Notice, including a photo of an actual notice for comparison purposes. However, if a CP2000 is received via e-mail, no comparison is necessary: it’s fake, and an attempt at theft.

The IRS guidance on this or any other electronically received bill, payment notice, etc., is

“Taxpayers and tax professional should always beware of any unsolicited email purported to be from the IRS or any unknown source. They should never open an attachment or click on a link within an email sent by sources they do not know.”

Either opening an attachment or clicking on a link is the equivalent of handing a pickpocket your wallet or purse.