Clicked an IRS Scam Email Link? Here’s What to Do Now

Kathryn Jones — Founder, The Identity Vault

Kathryn built The Identity Vault to stop scams before they happen. Updated April 2026.

If you clicked an IRS scam email link, you are not alone — it happens in seconds. You see an email that looks like it’s from the IRS, click a link expecting a refund notice or account update, and realize almost immediately that something’s wrong. Now you’re wondering what was exposed and what to do next.

The good news is that clicking a link alone — without entering any information — often causes limited harm. But you do need to check, and act on what you find.

What Actually Just Happened

A user received an email with IRS branding and subject line “Action Required: Verify Your 2025 Filing.” They clicked the link, which led to a convincing replica of the IRS.gov login page. After entering their email and password, they noticed the URL wasn’t IRS.gov. Within hours, their email account had been accessed from an unfamiliar location.

Phishing pages are built to harvest credentials in real time. The moment you enter a username and password on a fake site, that information is captured.

Step 1: After Clicking an IRS Scam Email Link — Assess What Happened

Walk through what happened in as much detail as you can:

• Did you only click the link, or did you enter any information on the page?
• If you entered information — what was it? A password? Your SSN? Bank details?
• Did you download anything from the page?

The answers determine your next steps. If you only clicked and didn’t enter anything, your exposure is likely minimal. If you entered credentials or personal information, treat this as a confirmed exposure.

If You Entered a Password

Change It Immediately — and Everywhere

Start with the account the password belongs to. Then think about anywhere you use the same password — if you use it on multiple sites, change all of them. Password reuse is one of the primary ways a single breach compounds into many.

Enable Two-Factor Authentication

Turn on two-factor authentication for your email and any financial accounts, if you haven’t already. Use an authenticator app (Google Authenticator, Authy, or Microsoft Authenticator) rather than SMS codes — SMS can be intercepted via SIM swap.

Check for Active Sessions

Most email providers (Gmail, Outlook) let you see all currently active login sessions. Review them and log out any device or location you don’t recognize. Do this now, before changing your password, so any active unauthorized sessions get terminated.

If You Entered Your SSN or Other Personal Information

Follow the steps from the SSN exposure guide — freeze your credit at all three bureaus, request an IRS Identity Protection PIN, and monitor your accounts daily for at least 30 days. See: I Gave My SSN to an IRS Scammer — What to Do Immediately.

Run a Security Scan on Your Device

If you downloaded any file from the phishing page, or if the page triggered any downloads automatically, run a full antivirus or malware scan on your device. Malwarebytes (free version) is a solid option for a one-time scan. Most modern browsers also block known phishing sites — check your browser’s security settings.

How to Spot an IRS Phishing Email (So You Don’t Click Another Scam Link)

Once you know what to look for, fake IRS emails are easier to identify:

• The sender address does not end in @irs.gov — this is the most reliable tell
• The email asks you to click a link to “verify” information or claim a refund
• The URL in the link does not start with https://www.irs.gov
• There is urgency or deadline language pushing immediate action

The IRS never initiates contact by email. Any unsolicited email claiming to be from the IRS is a phishing attempt.

What to Do With the IRS Scam Email After Clicking

Forward the original phishing email to phishing@irs.gov — this is the IRS’s official reporting address for email scams. Then delete it from your inbox.

If you want to check whether your email address has appeared in any known data breaches, HaveIBeenPwned.com is a free, reliable tool.