Kentucky Department of Revenue Reminds Taxpayers to Recognize Phishing Scams

FRANKFORT, Ky. (Dec. 7, 2016) – As part of “National Tax Security Awareness Week,” Dec. 5 – 9, the Kentucky Department of Revenue is cautioning taxpayers to avoid identity theft by watching for phishing scams that can increase around the tax season.

The department, along with the IRS, and public and private tax industry partners, reminds taxpayers that the easiest way for an identity thief to steal taxpayer information is by simply asking for it.

As a result, each day people fall victim to phishing scams through emails, texts, or phone and mistakenly turn over important data. In turn, cybercriminals try to use that data to file fraudulent tax returns or commit other crimes.

“This is the second reminder to taxpayers during the “National Tax Security Awareness Week,” said Daniel Bork, commissioner of the Kentucky Department of Revenue (DOR). “We are happy to partner with the IRS to get these important tips and reminders out to Kentucky taxpayers to combat refund fraud and identity theft.”

Surge in Email, Phishing and Malware Schemes

According to IRS data, the agency saw an approximate 400 percent surge in phishing and malware incidents during the 2016 tax season.

Scam emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. These phishing schemes can ask taxpayers about a wide range of topics. Emails can seek information related to tax refunds, filing status, confirming personal information, ordering transcripts, verifying PIN information and asking people to verify their tax software account.

Variations of these scams have been seen via text messages, and the misleading communications have occurred throughout the country.

When people click on these email links, they are taken to sites designed to imitate an official-looking website, such as The sites ask for Social Security numbers and other personal information, which could be used to help file false tax returns. The sites also may carry malware, which can infect people’s computers and allow criminals to access your files or track your keystrokes to gain information.

The department encourages taxpayers to take stronger measures to protect their financial and tax data not to give out personal information based on an unsolicited email requests.

Taxpayers need to take time to examine, identify and avoid emails that:

Contain a link. Scammers often pose as the IRS, financial institutions, credit card companies or even tax companies or software providers. These scams may claim they need the recipient to update their account or request they change a password. The email offers a link to a spoofing site that may look similar to the legitimate official website. Taxpayers should follow a simple rule: Don’t click on the link. If in doubt, they should go directly to the legitimate website to access the account.

Contain an attachment. Another option for scammers is to include an attachment to the email. This attachment may be infected with malware that can download malicious software onto the recipient’s computer without their knowledge. If it is spyware, it can track the recipient’s keystrokes to obtain information about their passwords, Social Security number, credit cards or other sensitive data. Remember, taxpayers shouldn’t open attachments from unknown sources.

Are from a “government” agency or “financial institution.” Scammers attempt to frighten people into opening email links by posing as government agencies, financial institutions and even tax companies. Thieves often try to imitate the official organizations, especially tax-related ones during the filing season.

Are from a “friend.” Scammers also hack email accounts and try to leverage the stolen email addresses. Recipients may receive an email from a “friend” that just does not seem right. It may be missing a subject for the subject line or contain odd requests or language as the underlying content. If the email seems “odd,” taxpayers should avoid clicking on any links or opening attachments.

Contain a false “lookalike” URL. The sending email may try to trick the recipient with the URL or web address. For example, instead of, it may be a false lookalike such as To verify the authenticity, a recipient can place their cursor over the text to view a pop-up of the real URL.

Learning to recognize and avoid phishing emails – and sharing that knowledge with family members – is critical to combating identity theft and data loss.

Additional steps that can help taxpayers protect their personal and financial data are available on the Taxes. Security. Together. page, as well as on Publication 4524, Security Awareness for Taxpayers.

If a taxpayer thinks they may be the victim of tax or identity fraud, they can contact the Kentucky Department of Revenue at (502) 564-4581 for taxpayer assistance. For more tips and information, follow the Kentucky Department of Revenue on Twitter @RevenueKY.