The United States Internal Revenue Service (IRS) is warning taxpayers to be on the alert after detecting a 400 percent increase in tax-related phishing and malware attacks this past year.
In a consumer notice published earlier in February, the IRS explains that it detected 1,026 malware and phishing schemes in January alone. This figure is up from just 254 a year earlier.
The federal tax collection agency observed a similar increase in recent weeks. Between February 1 and February 16, it spotted 363 attacks--nearly double the total number of events identified for the whole month of February last year, at 201.
"This dramatic jump in these scams comes at the busiest time of tax season," said IRS Commissioner John Koskinen. "Watch out for fraudsters slipping these official-looking emails into inboxes, trying to confuse people at the very time they work on their taxes. We urge people not to click on these emails."
Most of the schemes observed by the IRS redirect users to websites where they are asked to enter in their online credentials to IRS services, including their PINs and Social Security Numbers. Attackers can in turn leverage those stolen bits of information to file fake returns in the victims' names and claim tax refunds.
Other scams contain attachments disguised as fake tax-related documents that install malware onto users' machine.
U.S. taxpayers have until April 15th to file their taxes for 2015. Though this deadline is still two months away, attackers have been targeting taxpayers since before Christmas, when researchers at Heimdal Security detected a campaign targeting users with Kovter ransomware and CoreBot malware.
In light of attackers' persistence this season, the IRS is warning taxpayers to be on the lookout for emails that ask them to confirm important information by clicking on a link or an email attachment.
Users should exercise extreme caution around those types of emails and should forward them to the IRS at email@example.com.
This news follows on the heels of a separate IRS announcement that identity thieves attempted to create E-file PINs for some 464,000 taxpayers earlier in February.