Convincing IRS ID.me Phish Making the Rounds

It’s tax season so you know malicious actors are going to try to come after your tax refunds. This one looks pretty legitimate, as long as you ignore the sender’s email address and the domain the link takes you to. I just recently filed my Federal income taxes for this year and had to establish my identity with ID.me. This email and web site look very much like the real thing, using the legitimate logos and I can’t see any grammatical or spelling errors. Here’s the email:

I removed the recipient’s email address and the username portion of the sender since that is the same username portion as the recipient.

Here’s the landing page:

Something that helps the email and web site look more legitimate is that the email contains links to the legitimate ID.me site website and the link to the phishing page blends in well with the background color where the link is. Plus the phishing page provides an option in case the user forgot their password.

Leave a Reply

Your email address will not be published. Required fields are marked *