EFTPS Scam – Watch Out!

Okay, so this is kind of a strange topic to blog about… but hey.

It has to do with the online world and since I haven’t been doing much online traversing nowadays, I figured I might as well talk about an online scam I ran into recently.

So the latest in online via email IRS tax scamming and information phishing is this little gem here that goes something like this:

Welcome to Eftps

Your Federal Tax Payment ID: insert bogus number here has been rejected. Please, check the information and refer to Code R21 to get details about your company payment in transaction contacts section:


Return Reason Code R21 – The identification number used in the Company Identification Field is not valid.

In other way forward information to your accountant adviser.

on the site. James was appointed guardian of his two younger brothers, William Wright and Joseph Tarpelin,

EFTPS: The Electronic Federal Tax Payment System


You are using an Official United States Government System, which may be used only for authorized purposes. Unauthorized modification of any information stored on this system may result in criminal prosecution. The Government may monitor and audit the usage of this system, and all persons are hereby notified that the use of this system constitutes consent to such monitoring and auditing. Unauthorized attempts to upload information and/or change information on this web site are strictly prohibited and are subject to prosecution under the Computer Fraud and Abuse Act of 1986 and Title 18 U.S.C. Sec. 1001 and 1030.

This was copied and pasted directly from my email.

Poor grammar, a random spammy message that didn’t show up until the copy and paste (the bit about James and Joseph – WTF, man? the hell does THAT have anything to do with my taxes?), and the fact that I never signed up for the website in the FIRST place (much less made a tax payment) red flagged this message as a “phishing” attempt or some sort of scam attempt.

To test my theory and suspicions, I opened up the link in a virtual environment where the worst that could happen would be limited to that one virtual environment and… guess what? My antivirus software went nuts over it – complaining that the link linked to malicious malware or a site that contained malicious malware.


When I checked online, sure enough, I found a message posted by the IRS that warned people of similar scams.

The link to the official IRS article is HERE and an excerpt of the website page is here:

Aug. 20, 2010:

There is a fraud risk you need to be aware of. It is related to the Electronic Federal Tax Payment System.

The IRS recently became aware of a fraudulent scheme targeting EFTPS users, the scheme uses an e-mail that claims your tax payment was rejected and directs you to a website for additional information. The website contains malware that will attempt to infect your computer.

If you receive a message claiming to be from the IRS or EFTPS, please:

1. Do not reply to the sender, access links on the site or submit any information to them.

2. Forward the message as-is immediately to us at phishing@irs.gov.

3. How to report and identify phishing, e-mail scams and bogus IRS websites.

4. If you receive a suspicious e-mail or discover a website posing as the IRS, please forward the e-mail or URL information to the IRS at phishing@irs.gov.

5. EFTPS is a tax payment system provided free by the U.S. Department of Treasury. Pay federal taxes electronically via the Internet or phone 24/7. Visit EFTPS to enroll.

The IRS does not initiate taxpayer communications through e-mail.

So yeah.

Scam, fraud, and phishing attempt confirmed which means: DON’T click on those links if you get similar sorts of emails!

But that’s not all!

After about a few weeks of receiving such emails and reporting each one as phishing, I started receiving emails with subject titles like this:

Notification: Federal Tax Payment Batch Has Been Rejected


Company Federal Tax Payment Batch Has Been Failed

‘Has Been Failed’?

EFTPS notification: your account is blocked

Ahhh yes. My nonexistent account would be blocked because of… why?

And they just keep coming.

And coming.

And coming.

And I keep reporting…

And reporting…

And reporting.

And so should you.

Over and out,

This entry was posted in Rants and Raves and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *