Skip to Content
Security & privacy

Beware! Tax preparer scammers are targeting TurboTax

Hackers love to impersonate trusted brands for their scams. Tax season is prime time for these crooks, so you need to be extra careful this time of year. They will use every trick in their arsenal to try to rip you off, including phishing scams.

Hackers like to use the trusted TurboTax brand to target DIY tax preparers into handing over their personal information.

One of Kim’s listeners emailed us recently with a frightening story of how her family fell for one of these TurboTax phishing scams. Keep reading to find out what happened and learn tips on how you can avoid being the next victim.

Watch for fake TurboTax download scams

Kim’s listener who shared her story with us wants to stay anonymous but asked us to pass along what happened so others don’t fall for it. So, here’s what happened.

The woman’s husband downloaded a pirated version of TurboTax that cost $19.99, which he paid for through PayPal. Unfortunately, it ended up infecting his computer with malware.

Not only that, but their daughter downloaded the same pirated version of TurboTax. So her computer was also infected with malware. Yikes!

Now this might be the scariest part of the story. Her husband found the malicious TurboTax software by doing a simple Google search. The results from the search included malicious links, which is something scammers have been doing more of lately. They’ve been paying to have their spoofed sites show up in search results.

Here’s a screenshot the listener sent us of the search results:

Luckily, the Komando listener figured out this TurboTax version was malicious before her husband and daughter uploaded any tax returns. But it was a grueling task to remove the malware from the device. She ended up having to restore the computer to a week before the malicious software was installed and ran antivirus software multiple times before it was finally gone.

In this scam, the malware came from clicking on a malicious search result. Instead of searching for TurboTax software online, make sure to get DIY tax software from a trusted source. You can get it directly from sources like Intuit, Amazon or Best Buy.

Another way to get scammed is through phishing emails. You might receive a spoofed email that appears to be from Intuit that’s full of malicious links.

Intuit TurboTax is aware that criminals spoof its products to try and rip people off, and many times they do it with phishing emails. That’s why it regularly posts phishing alerts on its online security center. Tap or click here to see an example.

It also has a list of things it will and won’t do through emails to help you spot those emails that are fake.

What Intuit won’t do:

  • Intuit will never send you an email with a “software update” or “software download” attachment. When it’s time to update, Intuit will give you instructions on how to manually update from the product or direct you to enter the website name and do so manually. Some of its products have an “auto-update” feature which is the preferred method.
  • It will never send you an email asking you to send it your login or password information.
  • It will never ask you for your banking or credit card information in an email. Also, it won’t ask for private information about your employees in an email.

What Intuit will do:

  • Intuit will provide you with instructions on how to stay current with your Intuit product, and it will provide you with information on how to securely download an update from your computer.
  • If it needs you to update your account information, it will request that you do so by logging into your account or calling an official Intuit number.

Intuit’s suggestions for avoiding phishing scams and spoofed sites

Phishing scammers use forged emails, spoofed websites and malicious links to trick us into handing over sensitive information. They’re looking to get your Social Security number, driver’s license, credit and debit card information, or bank account numbers.

Here are suggestions from Intuit on how not to get tricked:

Be wary of spoofed email addresses – It’s easy for criminals to fake a From or Reply To address, either manually or with spam software, so never assume an email is real by looking at its header. And never reply to or open attachments from suspicious emails.

Don’t click that link, it could be malicious – Phishing emails usually contain malicious links that will take you to a spoofed site that asks you to enter you log on and account information. That’s why it’s always better to type the address of a website directly into your browser, so you know you’re going to the actual site and not a spoofed one.

Watch out for spoofed websites – Phony sites mimic real ones by copying company logos, images and site designs. Scammers have extremely sophisticated tools these days that can help them mask or change a web address. Which is why it’s critical to type the address of a website directly into the address bar of your browser instead of following a link from an email or internet search. Even search results from trusted search engines can lead you to a spoofed site.

Tax scams are a growing problem, and the IRS wants to help put an end to them, too. It’s asking any taxpayer who receives suspicious emails purporting to be from a tax software provider, or from the IRS, to forward them to

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days