As tax season hits full swing, the IRS is warning filers and professionals about familiar phishing scams and some new ones, particularly in the wake of major data breaches in the past year.
The warning comes this week as part of the IRS’s “Dirty Dozen” list of tax scams, which has historically focused on techniques like spoofed phone calls but has since evolved to modern scams, like phishing. The IRS warns taxpayers, businesses and tax professionals to be alert for a continuing surge of fake emails, text messages, websites and social media attempts to steal personal information. These attacks tend to increase during tax season and remain a major danger of identity theft.
“Taxpayers should be on constant guard for these phishing schemes, which can be tricky and cleverly disguised to look like it’s the IRS,” said IRS Commissioner Chuck Rettig. “Watch out for emails and other scams posing as the IRS, promising a big refund or personally threatening people. Don’t open attachments and click on links in emails. Don’t fall victim to phishing or other common scams.”
The IRS also urges taxpayers to learn how to protect themselves by reviewing safety tips prepared by the Security Summit, a collaborative effort between the IRS, state revenue departments and the private-sector tax community.
“Taking some basic security steps and being cautious can help protect people and their sensitive tax and financial data,” Rettig said.
New variations on phishing schemes
The IRS continues to see a steady stream of new and evolving phishing schemes as criminals work to victimize taxpayers throughout the year. Whether through legitimate-looking emails with fake, but convincing website landing pages, or social media approaches, perhaps using a shortened URL, the end goal is the same for these con artists: stealing personal information.
In one variation, taxpayers are victimized by a creative scheme that involves their own bank account. After stealing personal data and filing fraudulent tax returns, criminals use taxpayers’ bank accounts to direct deposit tax refunds. Thieves then use various tactics to reclaim the refund from the taxpayer, including falsely claiming to be from a collection agency or the IRS. The IRS encourages taxpayers to review some basic tips if they see an unexpected deposit in their bank account.
Those on the other side of the tax-filing process, like tax and human resources professionals, should be on the watch for phishing as well, the IRS warns, saying its seen “more advanced” schemes targeting them, like what it calls business email compromise or spoofing. Through these techniques, criminals pose as a business seeking payment on an invoice, an employee needing to re-route a direct deposit or someone a taxpayer has entrusted to perform a wire transfer.
As always, if a taxpayer or professional encounter or suspect a phishing attempt using the IRS’s name or association, they should report it to phishing@irs.gov. The agency also reminds: “The IRS generally does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.”
Source: IRS.gov
Legal Notice: The materials communicated in this transmission are for informational purposes only and not for the purpose of providing accounting, legal or investment advice. You should contact your accountant or advisor to obtain advice with respect to any particular issue or problem. Use of and access to this Web site or any of the e-mail links contained within the site do not create an accountant-client relationship between Warady & Davis and the user or browser. You should not act upon any such information without first seeking qualified professional counsel on your specific matter. Any accounting, business or tax advice contained in this communication is not a substitute for a formal opinion, nor is it sufficient to avoid tax-related penalties. If desired, Warady & Davis would be pleased to perform the requisite research and provide you with a detailed written analysis. Such an engagement may be the subject of a separate engagement letter that would define the scope and limits of the desired consultation services. © 2019 All Rights Reserved.