The Internal Revenue Service and Security Summit partners today warned the public of a surge of fraudulent emails impersonating the ITS and using tax transcripts as bait to entice users to open documents containing malware.

The scam is especially problematic for business whose employees might open the malware because malware can spread throughout the network and potentially take months to successfully remove.

This well-known malware, known as Emotet, generally poses as specific banks and financial institutions in its effort to trick people into opening infected documents.

In the past few weeks, the scam masqueraded as the IRS, pretending to be from “IRS Online.” The email carries an attachment labeled “Tax Account Transcript” or something similar, and the subject line uses some variation of the phrase “tax transcript.”

The IRS does not send unsolicited emails to the public, nor would it email a sensitive document such as a tax transcript.