The Internal Revenue Service and its Security Summit partners are warning you about a new IRS impersonation scam campaign spreading nationally on email. The IRS detected this new scam as taxpayers began notifying firstname.lastname@example.org about unsolicited emails from IRS imposters. The emails have links that show an IRS.gov-like website with details pretending to be about the taxpayer’s refund, electronic return or tax account. The emails contain a “temporary password” or “one-time password” to “access” the files to submit the refund, but when you try to access these, it turns out to be a malicious file. This new scam uses dozens of compromised websites and web addresses that pose as IRS.gov, making it a challenge to shut down. By infecting computers with malware, these imposters may gain control of the taxpayer’s computer or secretly download software that tracks every keystroke, eventually giving them passwords to sensitive accounts, such as financial accounts. Remember: the IRS does not send unsolicited emails and never emails taxpayers about the status of refunds.