If the 'IRS' Emails You, It's Probably Just Malware

We may earn a commission from links on this page.

Repeat after me: “The IRS does not initiate contact with taxpayers by email, text messages, or social media channels.”

Good. Armed with this knowledge you should be able to quickly spot if you’re about to fall victim to a ransomware attack.

Per Bleeping Computer, malicious spam currently circulating via email, purportedly from the “Internet Revenue Service,” contains an attachment infected with a new variant of the unimaginatively named Rapid Ransomware.


The malspam—malware spam—is being sent with subjects such as “Please Note - IRS Urgent Message.” The message suggests the recipient is behind on their tax payments and offers an attached “report” (a zip file) to allow the user to view how much money is owed.

As they say, “It’s a trap!”


The message won’t be very convincing to a discerning reader. In fact, it contains a hilarious hodgepodge of languages and identifiers. A sample email above, provided by My Online Security, has a United Kingdom address (xxxxx@nottscc.gov.uk) and the Word document attached contains a slew of instructions in German.

Opening the attachment will deploy the malware, which will scan the infected device and start encrypting random data files. It will also open several text files on screen instructing the user to initiate contact with the dickholes spreading the malware via email.


The process for decrypting the files likely involves a cryptocurrency payment in the standard hundreds-of-dollars range.


This feels like a good time to remind everyone, once again, that the IRS does not initiate contact with US citizens via email. So if you receive an email from the IRS (and haven’t specifically asked the agency to email you), delete that message immediately, my friend.

Spread the word.

[Bleeping Computer]