The IRS has a message for you, and although it’s not coming certified mail in a logo-embossed envelope, it’s one worth paying attention to.

This message comes in the form of a consumer alert as the agency kicks off its annual Tax Security Awareness Week, part of a joint federal, state and private tax professionals initiative to help taxpayers avoid scams and protect their sensitive data.

It’s no surprise that it’s coming now, at the beginning of the holiday shopping season where targets for identity thieves and scam artists abound. But worse, those bad characters are running increasingly sophisticated attacks including phishing emails and related attacks attempting to pry social security number, bank accounts and other confidential information from the unsuspecting.

Many of us, for example, have received phony messages via text or email indicating that we have an imminent delivery, supposedly from a reputable company but in reality from one that a single click on a link to leads down a road of malware and requests to “reschedule” the service — for a fee.

Those scams can be fairly obviously. Others, not so much. Phone calls from phony IRS agents can sound legitimate and even helpful, as the “agent” pretends to assist you out of some concocted financial distress. This scam will be especially active in the next few months during tax season.

To thwart thieves and silence scammers, the IRS and its partners offer advise several courses of action:

— Shop at online sites with web addresses that begin with the letters “https:” the “s” stands for secure communications. Also look for a padlock icon in the browser window.

— Don’t shop on unsecured public Wi-Fi in places like a mall or restaurant.

— Ensure security software is updated on computers, tablets and mobile phones.

— Watch out and help protect the devices of family members who may not be technologically savvy, a wide range that goes from young children to older adults.

— Make sure anti-virus software for computers has a feature to stop malware, and that there is a firewall enabled to prevent intrusions.

— Use strong, unique passwords for online accounts.

— Use multi-factor authentication whenever possible.

Additionally, taxpayers should be aware of various email scams, including:

— Phishing/Smishing:Phishing emails or SMS/texts (known as “smishing”) attempt to trick a recipient into clicking a suspicious link, filling out information or downloading a malware file. Often phishing attempts are sent to multiple email addresses at a business or agency, increasing odds that someone will fall for the trick.

— Spear phishing: This is a specific type of phishing scam that bypasses emailing large groups at an organization, instead identifying potential victims and delivering a more realistic email known as a “lure.” These types of scams can be trickier to identify since they don’t occur in large numbers. They single out individuals, can be specialized and make the email seem more legitimate. Scammers can pose as a potential client for a tax professional, luring the practitioner into sharing sensitive information.

— Clone phishing: This is a newer type of phishing scam that clones a real email message and resends it to the original recipient pretending to be the original sender. The new message will have either an attachment that contains malware or link that tries to steal information from a recipient.

— Whaling: Whaling attacks are very similar to spear phishing, except these attacks are generally targeted to leaders or other executives with access to large amounts of information at an organization or business. Whaling attacks can target people in payroll offices, human resource personnel and financial offices as well as leadership.

For other tips and resources, visit National Tax Awareness Week 2024 at https://www.irs.gov/newsroom/national-tax-security-awareness-week-2024. Just be sure you that the link you use to get that has that special “s” in the url. As you now know, that stands for security.