IRS Reminds Car Dealers to be Aware of Phishing Scams

(As appearing in IR 2024-186)

IRS reminds car dealers and sellers to be aware of phishing scams

In light of the CDK ransomware attack, the Internal Revenue Service would like to remind car dealers and sellers to be aware of evolving phishing and smishing scams that could impact day-to-day operations of the business.

In light of the recent ransomware attack against CDK, the IRS is warning individuals and businesses to remain vigilant against these attacks. Fraudsters and identity thieves attempt to trick the recipient into clicking a suspicious link, filling out personal and financial information or downloading a malware file onto their computer.

Scammers are relentless in their attempts to obtain sensitive financial and personal information, and impersonating the IRS remains a favorite tactic. The IRS urges car dealerships to be extra cautious about unsolicited messages and avoid clicking any links in an unsolicited email or text if they are uncertain.

Phish or smish: Don’t take the bait

The IRS continues to see a barrage of email and text scams targeting businesses and individual taxpayers. The IRS and the Security Summit partners continue to remind taxpayers, businesses and tax professionals to be alert for a wide variety of these scams and schemes. Businesses such as car dealerships should remain alert for targeted email and text scams aimed to disrupt their computer systems.

These businesses should be alert to fake communications posing as legitimate organizations. These messages arrive in the form of unsolicited texts or emails to lure unsuspecting victims to provide valuable information that can lead to identity theft or malicious malware installed on computer systems. There are two main types:

  • Phishing: An email sent by fraudsters claiming to come from a legitimate source. The email lures the victims into the scam with a variety of ruses such as enticing victims to provide sensitive information.
  • Smishing: A text or smartphone SMS message where scammers often use alarming language such as, “Your account has now been put on hold,” or “Unusual Activity Report,” with a bogus “Solutions” link to restore the recipient’s account.

Never click on any unsolicited communication as it may surreptitiously load malware. It may also be a way for malicious hackers to load ransomware that keeps the legitimate user from accessing their system and files.

In some cases, phishing emails appear to come from a legitimate sender or organization that has had their email account credentials stolen. Setting up two-factor or multi-factor authentication with their email provider will reduce the risk of individuals having their email account compromised.

Posing as a trusted organization, friend or family member remains a common way to target individuals and businesses for various scams. Individuals and businesses should verify the identity of the sender by using another communication method, for instance, calling a number they independently know to be accurate, not the number provided in the email or text.

What to do

  • Never respond to phishing or smishing or click on the URL link.
  • Don’t open any attachments. They can contain malicious code that may infect the computer or mobile phone.
  • Don’t click on any links. If a taxpayer inadvertently clicked on links in a suspicious email or website and entered confidential information, visit the IRS’ identity protection page.
  • Send the full email headers or forward the email as-is to phishing@irs.gov. Don’t forward screenshots or scanned images of emails because this removes valuable information.
  • Delete the original email.

(This is Blog Post #1609)