You may have heard of the recent IRS data breach. Approximately 200,000 accounts were targeted and half were compromised, according to the New York Times. The IRS is expected to send out notifications to those affected. We would like to caution all to be vigilant for any suspicious correspondence. It is times like these that provide malicious actors with an opportunity to also send out phishing emails and other nefarious correspondence in an attempt to trick individuals into providing sensitive information and/or funds.
How you can best protect yourself.
The IRS should never ask you to remit payment or disclose sensitive information via email. Phishing (emails) are not the only way these malicious actors can attempt to scam you. They may call you and attempt to socially engineer you into exposing valuable information or make a payment for services related to the breach. Be wary of any attempts to get you to pay for identity theft prevention services as these are provided, free of charge, to any affected individual by law.
The IRS has a few sites devoted to these topics. Make sure to take a look at these to best arm yourself against these nefarious acts.
If you feel that you may be a victim or would like to report suspicious correspondence, the FBI requests that a complaint be filed through the IC3 (Internet Crime Complaint Center) at http://www.ic3.gov.
UPDATE: The IRS has posted a comment on their site at http://www.irs.gov/uac/Newsroom/IRS-Statement-on-the-Get-Transcript-Application.
Technology Services – Information Security