The Internal Revenue Service has issued another urgent warning directed at a specific type of business.

Car dealers and sellers are being targeted through evolving and sophisticated phishing and smishing scams with the potential to impact day-to-day operations.

“In light of the recent ransomware attack aimed at car dealers, the IRS is warning individuals and businesses to remain vigilant against these attacks. Fraudsters and identity thieves attempt to trick the recipient into clicking a suspicious link, filling out personal and financial information or downloading a malware file onto their computer,” the agency said in a statement.

Businesses across the country were impacted last month when CDK Global, a software firm serving car dealerships, was hit by a cyberattack. Scheduling, sales and orders at some 15,000 dealerships were all but shut down with some dealers reverting to pen and paper to do business. CDK reportedly paid a $25 million ransom to the hackers.

While details of the CDK hack aren’t known, the tax agency said impersonating the IRS remains a “favorite tactic” of scammers trying to obtain sensitive financial and personal information. Car dealerships are urged to be “extra cautious” about unsolicited messages and to avoid clicking any links in an unsolicited email or text.

How businesses and individuals can protect themselves

• Be alert to fake communications posing as legitimate organizations, friends or family. These messages often arrive unsolicited and impersonate a bank or other financial organization to try and trick users into clicking a link which can lead to identity theft or the installation of malicious malware.
• Never click on any link in an unsolicited communication.
• When in doubt, verify with the sender by using another communication method. Do not call numbers listed in an unsolicited email or reply to the email.
• Don’t open any attachments. They can contain malicious code that may infect the computer or mobile phone.
• Delete the original email.