As the IRS has noted in its alerts to the public, a variety of different tax scams continue to rob people of millions of dollars and trick them into handing over sensitive personal information. Scammers use the regular mail, telephone, fax or email to set up their victims. This article, based directly on a number of IRS publications, is an update to prior blog articles that look at different, new scams affecting individuals, businesses, and tax professionals and offer tips on what do if you if you spot a tax scam.
Scams Targeting Tax Professionals
The IRS notes the following:
These criminals – many of them sophisticated, organized syndicates - are redoubling their efforts to gather personal data to file fraudulent federal and state income tax returns. The Security Summit has a campaign aimed at increasing awareness among tax professionals: Protect Your Clients; Protect Yourself. The Security Summit created the “Protect Your Clients, Protect Yourself” campaign to raise awareness among tax professionals about their legal obligation to protect taxpayer data as well as highlight security threats they face from identity thieves.
Some of the recent scams that target the tax professional community include the following (though it should be noted that the tactics of the scammers continue to evolve rapidly and these tactics may change or become more sophisticated):
Scams Targeting Taxpayers
In addition, scammers are targeting individual taxpayers directly through increasingly subtle, hard-to-spot methods, including the following as observed by the IRS.
- IRS Impersonation Telephone Scams: An aggressive and sophisticated phone scam targeting taxpayers, including recent immigrants, has been making the rounds throughout the country. Callers claim to be employees of the IRS, using fake names and bogus IRS identification badge numbers. They may know a lot about their targets, and they usually alter the caller ID to make it look like the IRS is calling.
- Victims are told they owe money to the IRS and it must be paid promptly through a pre-loaded debit card or wire transfer. Victims may be threatened with arrest, deportation or suspension of a business or driver’s license. In many cases, the caller becomes hostile and insulting. Or, victims may be told they have a refund due to try to trick them into sharing private information. If the phone isn't answered, the scammers often leave an “urgent” callback request.
- For More Info Please See: Consumer Alert: Scammers Change Tactics, Once Again
- Soliciting Form W-2 Information From Payroll and Human Resources Professionals: The IRS has established a process that will allow businesses and payroll service providers to quickly report any data losses related to the W-2 scam currently making the rounds.
- See details at Form W2/SSN Data Theft: Information for Businesses and Payroll Service Providers.
- Also see: IRS, States and Tax Industry Renew Alert about Form W-2 Scam Targeting Payroll, Human Resource Departments
- IRS Alerts Payroll and HR Professionals to Phishing Scheme Involving W-2s
- Surge in Email, Phishing and Malware Schemes: When identity theft takes place over the web (email), it is called phishing. The IRS has issued several alerts about the fraudulent use of the IRS name or logo by scammers trying to gain access to consumers’ financial information to steal their identity and assets.
As the IRS recommends, it is crucial to understand that the IRS does not initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information.
That just does not happen. If it is happening to you, it is fraudulent.
In addition, the IRS does not threaten taxpayers with lawsuits, imprisonment or other enforcement action. Recognizing these telltale signs of a phishing or tax scam could save you from becoming a victim.
Do not let the scammers care you into giving them your personal information, in other words.
In conclusion, we think it is prudent that you engage the services of a reputable professional such as an IT expert or system security specialist who can provide you with a risk assessment or “system audit” as to your vulnerability to attack by system scammers.
It’s also worth remembering the old adage that “you’re only as strong as your weakest link.” If one element in the chain of players in the business process falls short when implementing adequate security measures then all other dependent players in the chain are more susceptible to harm.