Phishing scam targets taxpayers who use tax software

ByABC News
March 1, 2012, 7:54 PM

— -- The growing popularity of tax preparation software has led to a rise in e-mail scams targeted at do-it-yourself taxpayers.

Intuit, parent of TurboTax and numerous other tax preparation products, has seen a "marked increase" this year in reports of fraudulent e-mails that claim to come from it , says spokeswoman Julie Miller.

Recent examples of bogus e-mails claiming to come from Intuit included one with "Your Intuit.com order confirmation" in the subject line. Another subject line read: "QuickBooks Security Notice."

In addition to stealing financial info, some of these phishing e-mails contain fake Web links that could download viruses.

Reasons identity thieves target tax software providers:

•Volume. Spammers who send mass e-mails have a good chance of hitting a large number of tax software users. More than 24 million taxpayers used TurboTax last year; more than 50 million purchased some kind of Intuit product, Miller says.

•Confusion. TurboTax, H&R Block and other software providers routinely send customers e-mails advising them of the status of their tax returns.

For that reason, customers often feel they can't afford to ignore what appears to be an e-mail from their software provider, Miller says. Legitimate TurboTax e-mails never ask for personal financial information, Miller says. Likewise, H&R Block never sends customers messages asking them to provide, update or confirm sensitive data, says spokesman Gene King.

Identity theft and phishing were the top items on the IRS' "Dirty Dozen" tax scams for 2012. Crooks are increasingly using stolen financial information to file tax returns and claim fraudulent refunds, the IRS says.

How to avoid falling prey:

•Never reply to unsolicited e-mail. Don't open attachments.

•Don't respond to e-mails requesting your password, log-on, or any financial information.

•Don't respond to e-mails that claim to offer a "software update" or "software download." Updates should be done on your provider's website or desktop product.

•Forward suspicious e-mails to your tax software provider's security center. Suspicious TurboTax e-mails should be sent to spoof@intuit.com.

ABC News Live

ABC News Live

24/7 coverage of breaking news and live events