Alerts Phishing Social Engineering Taxes

Phishing Alert: Tax Scam Targeting Educational Institutions

The Internal Revenue Service (IRS) issued a warning today (Tuesday, March 30, 2021) about an ongoing impersonation scam targeting educational institutions. Faculty, students and staff with email addresses ending in .edu are primary targets for this scam.

How this Scam Works

This criminal scam attempts to capture personal information from recipients by prompting them to “recalculate” their tax refund payment by completing a form. Subject lines for these fake IRS emails include “Tax Refund Payment” or “Recalculation of your tax refund payment.” If recipients click on the link included in this dangerous e-mail, they are directed to a phishing website requesting the following information:

  • Social Security number
  • First name
  • Last name
  • Date of Birth
  • Prior Year Annual Gross Income (AGI)
  • Driver’s License Number
  • Current Address
  • City
  • State/U.S. Territory
  • Zip Code/Postal Code
  • Electronic Filing Pin

Please be aware that the IRS does not solicit this kind of information via email. Taxpayers who wish to check on their refund status should go directly to the website, click the “Refund” tab near the top of the page, and use the “Check My Refund Status” button.

Protect Yourself

If you receive the scam email described above or any other suspicious email requesting private information and/or login credentials, please do not reply to the email or click on any links contained in the message. Simply report the message by forwarding it to our Office of Information Security at and delete it from your inbox. We will investigate the threat and take action to prevent it from spreading in our systems.

If you believe your personal information has been compromised in a tax-related scam, the IRS has tools and services available to help. Visit the IRS’s Identity Theft Central site for more details. You will find a link to that resource below.

For more information about staying safe this tax season, please see our recent article “Keep Your Information Secure this Tax Season.” This tax season presents unprecedented opportunities for criminals seeking to exploit uncertainties and anxieties associated with the COVID-19 pandemic. Typical social engineering campaigns (i.e., strategic attempts to manipulate victims using psychological and emotional tactics) this tax season center on COVID stimulus payments, taxes, antibody testing, healthcare fraud, and cryptocurrency. Please continue to be vigilant about urgent emails requiring quick action to supply personal information and login credentials, no matter the topical scare tactic.

You will find a link to the full IRS post about this threat below.

Please refer to our recent article for more information on protecting yourself this tax season.

Contact Us

Please reach out to our office at if you have questions or concerns. Thank you for all that you do to keep WashU secure.