Press Releases

Browse our press release archive

04 Apr 2006

IRS tells taxpayers how to report phishing attacks

Tax form
Phishing emails have posed as federal tax refunds.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have welcomed the news that the Internal Revenue Service (IRS) has published information for American taxpayers about how they can report suspicious emails that claim to come from the organization.

Following a spate of email phishing campaigns which have posed as federal tax refunds (but have actually been designed by hackers to steal confidential information from individuals), the IRS has published advice on its website.

Users who receive a suspected phishing email posing as an IRS communication should send it to, including the full email headers if possible.

"These phishing emails typically point you to a bogus website which looks just like the real IRS website, but is really designed to steal information from you," said Graham Cluley, senior technology consultant for Sophos. "Taxpayers and other online surfers need to be very careful about which emails they trust and what websites they visit or they could end up with a large hole in their finances."

Some phishing emails invite taxpayers to visit a bogus website to collect a non-existent refund

Some phishing emails invite taxpayers to visit a bogus website to collect a non-existent refund.

In February, Sophos revealed in a survey that 58% of people receive a phishing email every day.

Sophos recommends that computer users protect themselves with a consolidated solution which can defend against the threats of spam, spyware and viruses.

Organizations concerned about being fraudulently represented in phishing campaigns can sign up to the Sophos early warning system, Sophos PhishAlert.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at