SCAM📋 Email Scam Pattern✉️ EMAILCatastrophic risk

Spear Phishing Email (Targeted Attack)

Spear phishing is personalized phishing targeting specific individuals using researched personal details. FBI IC3 2024: phishing was #1 by complaint volume (193,407 cases). IRS Dirty Dozen 2025 and 2026 both list spear phishing targeting tax professionals in the top 12. CISA has dedicated phishing guidance for organizations.

Reports

193,407 FBI IC3 phishing complaints 2024 — #1 by volume; IRS Dirty Dozen 2025 and 2026

First documented

2019

Last active

2026-03

⚠

⚠ This page documents a reported scam email pattern for educational purposes. Sources are cited for all statistics and claims. ZeroScam is not affiliated with the IRS, FTC, FBI, or any government agency.

What this scam email says

Unlike mass-blast phishing, spear phishing uses the target's name, employer, role, and recent activity to appear credible. Common vectors: fake new client emails (tax professionals), fake vendor invoice emails (finance teams), fake colleague IT requests, and AI-generated executive impersonation.

What this scam email looks like

Email preview — reconstructed example

From: [email protected]
Subject: Vendor invoice attached — please review and approve

Hi [target's name],

Please find attached the invoice for services rendered in Q1 2026.
Could you review and approve for payment by end of week?

Amount: $8,450.00
Payment terms: Wire transfer to updated banking details (see PDF)

Let me know if you need anything else.

Best,
[Trusted vendor name]

[ATTACHMENT: Invoice_Q1_2026.pdf] ← malware or fake wire details

Reconstructed example for educational purposes. Not a verbatim reproduction.

Known scam email subject lines in this pattern

•Vendor invoice attached — please review
•Password reset required — IT security
•Urgent: wire transfer authorization needed — CEO
•Document review request from [name]
•Referral — prospective client inquiry

4 red flags

FBI IC3 2024: phishing/spoofing was #1 most reported crime (193,407 complaints)

IRS Dirty Dozen 2025 and 2026 both specifically name spear phishing targeting tax professionals

Uses your real name, employer, or recent activity — sourced from LinkedIn, social media, or data breaches

Professional, error-free writing is intentional — these are targeted attacks, not mass blasts

What to do

→

Verify any unusual request by calling the sender on a known number

→

Never open attachments from new contacts without verifying identity first

→

Report to FBI IC3 at ic3.gov

→

Tax professionals: report to IRS at [email protected] — subject: 'Spearphishing'

Report this email scam

Report to FBI IC3 ↗CISA phishing guidance ↗IRS spear phishing report ↗

Source

IRS Dirty Dozen 2026 #11 — spear phishing targeting tax professionals; IRS Dirty Dozen 2025 #12; CISA phishing guidance; FBI IC3 2024 — phishing #1 by complaint volume

https://www.cisa.gov/topics/cybersecurity-best-practices/phishing ↗

Fake sender domains used in this scam

Scammers impersonate legitimate brands using these fraudulent domains. If you received an email from one of these, it is a scam.

secure-document-share.cominvoice-approval-portal.netvendor-payment-update.com

Documented email subjects in this pattern

"New Client Inquiry" Spear Phishing Email (Tax Professionals)

New client inquiry — tax return assistance needed

→

"New Client Inquiry" Spear Phishing Email (Tax Professionals)

Email Subject

→

IRS Phishing Email Scam

Email Scam Pattern

→

People also search for

spear phishing email targeted phishing attack spear phishing tax professional what is spear phishing spear phishing vs phishing 2025 2026

Frequently asked questions

What is the Spear Phishing Email (Targeted Attack)?▼

How do I recognize a Spear Phishing Email (Targeted Attack)?▼

Red flags: FBI IC3 2024: phishing/spoofing was #1 most reported crime (193,407 complaints); IRS Dirty Dozen 2025 and 2026 both specifically name spear phishing targeting tax professionals; Uses your real name, employer, or recent activity — sourced from LinkedIn, social media, or data breaches.

What should I do if I receive a Spear Phishing Email (Targeted Attack)?▼

Verify any unusual request by calling the sender on a known number Never open attachments from new contacts without verifying identity first Report to FBI IC3 at ic3.gov

How common is the Spear Phishing Email (Targeted Attack)?▼

193,407 FBI IC3 phishing complaints 2024 — #1 by volume; IRS Dirty Dozen 2025 and 2026. First documented: 2019. Source: IRS Dirty Dozen 2026 #11 — spear phishing targeting tax professionals; IRS Dirty Dozen 2025 #12; CISA phishing guidance; FBI IC3 2024 — phishing #1 by complaint volume.

Received a suspicious email?

Paste the email text or subject line — check it instantly, free.

Check your email →

Source: IRS Dirty Dozen 2026 #11 — spear phishing targeting tax professionals; IRS Dirty Dozen 2025 #12; CISA phishing guidance; FBI IC3 2024 — phishing #1 by complaint volume

First documented: 2019 · Last active: 2026-03

← Scam message database