Fraudsters may have accessed thousands of taxpayers' Revenue accounts using information provided by them unwittingly.
Revenue has written to around 3,000 taxpayers advising them that their myAccount may have been accessed as part of a scam which was sent via text message.
Revenue's Chief Information Officer, John Barron, explained that Revenue constantly monitors for suspect online activity on all its services and takes action as soon as such activity comes to light.
"For example, where potential phishing websites are detected, we immediately seek to have them taken offline by reputable hosting services," he said.
Following an investigation by Revenue's IT Department into this latest scam, a letter has been sent to approximately 3,000 taxpayers to make them aware of its concerns that their personal details may have been accessed, the possible serious implications for them and to set out some practical things they can do to minimise the extent of any fraud perpetrated against them.
Mr Barron stated that "it is important to note that the security of Revenue’s systems has not been compromised in any way.
However, the nature of this particular type of scam has led to some taxpayers unwittingly compromising the security of their personal myAccount profile details by providing information such as their PPS number, date of birth and myAccount password to fraudsters.
This occurred after the taxpayer clicked on a link, in a text sent by fraudsters, which purported to be the Revenue 'myAccount’ log-in screen."
If the details provided after clicking the link are valid, the fraudsters then use these details provided by the taxpayer to access the taxpayer’s myAccount user profile screen.
At this stage they may be able to obtain further information including potentially bank details where the taxpayer has recorded these with Revenue.
Mr Barron confirmed that "in order to mitigate any further threat to the accounts that could have been potentially compromised, we are now contacting each of the taxpayers by letter informing them of possible fraudulent activity that may have affected their account.
The letter notifies the taxpayer that Revenue has temporarily deactivated their myAccount access and advises them of important next steps they should follow."
Revenue regularly reminds taxpayers that it never sends text messages requiring the provision of personal information via links, pop-up windows, reply text or email.