Another reason not to trust the IRS

The IRS has gotten a bad rap for years for being shady and untrustworthy, just as have those who choose not to pay their taxes properly. But now there is a real reason not to believe what you hear from this government agency – at least if it comes in the form of an unsolicited email.

Mark Hanson, an IRS spokesperson, recently told North Carolina’s Salisbury Post, “We’re getting reports of people getting an e-mail that appears to come from the IRS telling recipients to respond to get their 2008 Economic Stimulus Refund.” You can bet that this response comes with a request for personal information, such as a Social Security number or account number.

This is just yet another example of phishing, an email scam identity thieves have been using for years now. It happens when the thieves send a phony message while pretending to represent a legitimate organization. Unfortunately, it can be hard to tell whether an email message is real or spoofed. You can’t tell by the logos, since identity thieves can easily copy them. You can’t tell by the wording, since it’s easy to make it sound legitimate. You can’t even tell by the website it sends you to, since URLs can be spoofed as well.

Some ways that you can tell are, first of all, by the fact that it’s unsolicited. A legitimate company would not be sending around messages asking for personal information. The company will already have this information in its records. Yes, this includes your username and password. It doesn’t just vanish when you sign up for the account. Another way is if the information doesn’t seem relevant to you. For example, you get an email from the “IRS” saying you need to fill out a form to get your stimulus check when you already got your check several months ago. Lastly, if you contact the organization and no one has a record of the email. This is a dead giveaway. Always use verified contact information though, not info in the potentially fake email. This information can be faked too after all.

If it’s too late and you’ve already fallen for one of these scams, there’s no need to panic. Simply contact the legitimate organization and ask to have your password, account number, etc., changed immediately. If it’s a credit card company, also ask to have a fraud alert added to your account. Then, request a copy of your credit report so you can check for any errors an identity thief may have caused.

Next, promise to be more alert next time. Don’t click on links asking for personal information ever, ever again. Sure, you might miss one in a thousand that has some legitimacy to it. But you can sort that all out when you contact the organization. It’s better than handing over your identity on a silver platter.

Want to do more? Identity theft insurance is a good way to go. Find out more about this very affordable identity theft protection option.