Tax Email Scams

What is an Email Phishing Scam? (And How to Detect One)

February 22, 2018

Tim RussellBy Tim Russell 
Technology Services Manager

Taxes are due April 17th — and whether you’re still a few weeks away from filing or already squared away, cyber-criminals are out there trying to steal your information.

Under the IRS moniker, you may see more and more “phishing” emails attempting to trick people into handing over their information. Over the past couple of years, these phishing attempts have become more complex, and with tax season in full swing, it’s peak phishing season.

What Is Phishing?

Phishing is form of cyber attack that tries to bait you into clicking on a link or downloading a file that will compromise your personal information. This can be credit card information, personal contacts or a password and login.

Typically carried out via email, these scams tend to share the look and feel of a trusted-site or brand.With over 1 million of these phishing sites created each month, it’s easy to fall prey to a malicious email.

One of the most common phishing attempts during tax season comes from those emulating the IRS. What looks like an important email may be a hacker trying to steal your information.

Learning how to spot and prevent phishing scams can be the determinant between losing information and staying safe. Just take a look at the email below:

Though it may look normal, there are a few telltale signs you can find that are a dead giveaway — indicating it as a phishing scam.

Highlighted phishing email on iPad

All of these highlighted sections are ways in which you can tell this email is from a fake source. Let’s break down these email phishing examples and determine what key areas to analyze when you believe an email may be a scam.

Phishing Protection: breaking down the scam

Highlighted subject line on email phishing scam

1. Suspicious sender Email Address 

The email address is the first indication as to whether an email is legitimate or a phishing scam. If the IRS is potentially sending you an email and the real sender is “” - which has nothing to do with the IRS - you can be sure it’s a scam.

You may also see email phishing scams come from other existing contacts/friends that have been hacked. While these emails are harder to differentiate, the subject line can help you determine the email's origin.

2. False Sense of Urgency in Subject Line

Scams will generally present urgency or revolve around something that sounds like you’ve previously received an email (ie. RE, Regarding our last conversation) when it comes to their subject lines. Other subject lines may regard an embarrassing video, mention of you being a part of something you’ve never heard of or any other things that seem out of the ordinary.

The subject line is your second line of defense when determining the email’s authority. If both the subject line and email address give you concern, it’s most likely a phishing attempt.

Highlighted grammatical errors on email phishing scam

3. Poor Grammar and Spelling 

While hackers and criminals are getting better at phishing scams, their grammar and poor spelling is a noticeable trait you can use to protect yourself.

Professional services and companies, like the IRS, have editors that would never allow emails rife with typos to be sent out. If you catch constant misspellings or unnatural use of language this is a clear indicator the email is a scam.

Highlighted link on email phishing scam

4. Links That Should Always Be Avoided

Here’s the most dangerous part of any phishing scam and where you should be extremely careful. Whether it’s a malicious download or link that leads you to a spam site, this is where the “phishing” happens.

Take it as a best practice to completely avoid clicking on links from any email with the already discussed signs. If you’re still unsure of an email’s validity at this point there are a few key factors that can help.

Hovering over a link with your mouse (NOT clicking) will show you where the URL leads. Don’t click on a URL you don’t recognize. As you hover over the link it will look something like this:

Highlighted link with hover text on email phishing scam

5. Harsh Language or tone

The last sign you can look for to determine an email phishing attempt is also the simplest — how does the email read?

If an email is full of threats, like shutting down your account or not issuing a tax refund, you can assume it’s malicious. Most companies don’t use harsh language or deliver threats to their customers.

Requests for password changes, log in information or other account-based issues that contain a threatening or imminent tone reflect this as well.

Highlighted copy in phishing email

What if you’re concerned it’s a legitimate email?

In our experience, it’s always better to be safe than sorry. If you’re really concerned about the legitimacy of an email, contact the company separately via their website or phone number (NOT replying or using any information found in the questionable email).

Defending Yourself From Phishing Scams

Pay close attention to anything you’re receiving from the IRS or various financial institutions during tax season. Cyber criminals are constantly changing their tactics, but with these techniques you should be able to tell the difference between a phishing attempt and legitimate email.

For more helpful tips and financial advice, be sure to join our newsletter to receive the latest from Security National Bank of South Dakota.

Stay safe out there!