Is the IRS Website Real?

TL;DR

Yes, you can be reasonably certain if you take a few simple steps to verify it’s the official IRS website. Don’t rely on links from emails or search results. Always type the address directly into your browser and check for the security certificate.

How to Check If You’re On The Real IRS Website

1. Type the Address Directly: Never click a link in an email, text message, or from a search engine result. Always type https://www.irs.gov directly into your browser’s address bar.
2. Check for ‘HTTPS’: Look at the beginning of the web address. It should start with https:// (not just http://). The ‘s’ means it’s a secure connection. Most modern browsers will also show a padlock icon in the address bar.
3. View the Security Certificate: Click on the padlock icon to view the website’s security certificate.
   • Make sure the certificate is valid and issued to “Internal Revenue Service”.
   • Check the dates – it shouldn’t be expired or due to expire soon.
4. Look for Official IRS Branding: The official IRS website has consistent branding, including its logo and colour scheme. Be wary of any inconsistencies.
5. Use a Website Reputation Tool (Optional): You can use online tools like VirusTotal or Google Safe Browsing to check the reputation of the website.
   • VirusTotal: Go to VirusTotal and enter irs.gov. It will scan the site with many different antivirus engines.
   • Google Safe Browsing: Search for “Google Safe Browsing IRS” to find Google’s report on the website’s security status.
6. Beware of Phishing Attempts: The IRS will never contact you by email, text message or social media asking for personal or financial information. They communicate primarily through official mail.
   • If you receive a suspicious communication claiming to be from the IRS, report it to the Treasury Inspector General for Tax Administration (TIGTA).

Checking DNS Records (Advanced – Optional)

If you’re technically inclined, you can check the website’s DNS records to verify its authenticity.

1. Use a Command Line Tool: Open your terminal or command prompt and use the nslookup command.

   nslookup irs.gov

2. Verify IP Addresses: Check that the returned IP addresses are associated with the IRS’s known servers. You can find this information on official IRS documentation (though it may change).