Phishing is the practice of sending fraudulent communications disguised to appear to be from a reputable source. These attacks, usually through email but increasingly through text messages, are an attempt to try to steal personal and financial information.

The IRS does not request personal or financial information from taxpayers by email. This includes any type of electronic communication, such as text messages and social media channels.

If you receive a suspicious IRS-related communication:

  1. Don’t reply to the sender.
  2. Don’t click, save, or open any attachments. They can contain malicious code that may infect your computer or mobile phone.
  3. Don’t click on any links. Visit our identity protection page if you clicked on links in a suspicious email or website and entered confidential information.
  4. Immediately forward the entire message, with the full email headers, to phishing@irs.gov. Don’t forward scanned images because this removes valuable information.
  5. Delete the original email.

For additional information and resources, please visit Report Phishing and Online Scams.