Tag Archives: tax refund

Phishing for tax returns: Where's your refund?

The use of phishing scams, phone scams and computer hacking seems to multiply daily. The object of the scams and hacks: getting your tax refund. How? By the scammers and hackers filing a false tax return on your behalf. It’s more common than you think. Part of the problem is that those darn phishing emails look so real, including company logos, brand identity, signature blocks and even the photo of the alleged sender of the email.

These scams are not new, but many of them continue to succeed. Last year, phishing emails were so prevalent that it prompted the IRS to issue a special alert. It’s becoming common practice for IT departments at many companies to introduce “fake” phishing threats to train their employees on what not to do. These are essentially planned attacks from a known source. Employees learn how to recognize a phishing email using various techniques, such as looking for misspellings, incorrect domains and hovering over any links embedded in the body of the email. More importantly, they learn what to do, and what not to do: DO report the suspicious email to the help desk and delete the email; DON’T reply to the email, click on any links in the email, or open any attachments to the email.

Phone scams also continue to cause people to give out information over the phone that they should not. The IRS recently warned consumers about this, and offered practical information about what the IRS does NOT do. Importantly, the IRS does not make phone calls and won’t contact you by email to request personal or financial information!

But scams are also the result of computer hacking, perhaps as a result of brute force attacks, where organized crime syndicates are infiltrating accountants and human resource departments at companies, and gaining access to prior years’ tax returns, wage and payroll information, social security numbers, and much more. The targets may include accounting firms and tax professionals that have on hand a massive amount of pertinent taxpayer information.

In fact, the IRS warned during the 2016 tax season that tax fraud is on the rise. The IRS has published some common sense guidelines on some basic do’s and don’ts to avoid tax fraud, such as this that can be found here.

Recently, the IRS, state tax agencies and members of the tax industry (members of the Security Summit Initiative) warned tax professionals about a new phishing email scam where the scammers impersonate software providers. The scam email comes with a subject line, “Access Locked” and tells recipients that access to their tax preparation software has been “suspended due to errors in your security details.” The scam email asks the tax professional to address the issue by using an “unlock” link provided in the email. If clicked, the link takes the tax professional to a fake web page, where they are asked to enter their user name and password. Instead of unlocking accounts, the tax professionals actually are providing their information to cybercriminals who use the stolen credentials to access the preparers’ accounts and to steal client information. The Security Summit Initiative reminds tax professionals and taxpayers to never open a link or an attachment from a suspicious email, and that these scams increase during the tax season. Also, coming in 2017 are new safeguards that are aimed at those who prepare their own federal and state tax returns using tax software.

Law enforcement also warns about tax fraud schemes designed to defraud individuals. The FBI recently issued warnings about fraudulent tax schemes, and noted that it receives hundreds of complaints of tax-related fraud during this time of year as criminals scam you and the IRS, using your name. You can also hear the audio transcript of this warning here.

And, keep in mind that if you are a company that has been targeted, and personally identifiable information about your individual clients, customers, employees, or other individuals has been breached, you will have other headaches beyond the possibility of fraudulent tax returns. Forty seven states in the U.S. and the District of Columbia, require companies to provide consumers with notification if their personally identifiable information is compromised. While similar in concept, the state laws vary and you will need to comply with each state’s law. The state law that will govern the requirement to notify is the state in which the individual whose information has been compromised resides, not the state in which the breach occurred. Thus, for companies that conduct business across the U.S., a single instance of a breach of data may require that notifications be given that are compliant with forty-eight different laws. Offering free credit monitoring to those individuals has also become a defacto standard in responding to a data breach.

Beyond notification to individuals, consider involving the FBI or other law enforcement so that facts and patterns of criminal activity can be evaluated and monitored. InfraGard (see https://www.infragard.org/) is a partnership between the FBI and the private sector. It is an association of persons who represent businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence, and one of its focus areas is cybercrime.

If your company is a victim and is faced with the potential for a multitude of fraudulent tax filings, there are resources at the state and federal level who will work with you to determine if they can put a freeze on processing returns from an identified list of stolen social security numbers until the true identity of the taxpayer is verified. That will stop the bleeding, at least as far as tax returns are concerned.

IRS warns of new phishing scams ahead of Tax Day

FILE – In this Feb. 27, 2013, file photo illustration, hands type on a computer keyboard in Los Angeles. As tax day nears, phishing season is in full swing. The IRS says it’s seen a “surge” in phishing emails in 2017. (AP Photo/Damian Dovarganes, File)

PHOENIX — Tax Day is right around the corner, which means criminals are more eager than ever to get their hands on your tax refund.

Just weeks ahead of April 18, the Internal Revenue Service said brand new phishing scams — and older, reinvented ones — have begun popping up.

The latest scam involves a fraudulent email from a sender who appears to be a tax preparer asking for a last-minute change to deposit accounts.

In order to avoid potential scams, the IRS said people should confirm with their preparer about whether they need to make any changes to account numbers.

The IRS also suggests tax professionals change and strengthen their own email passwords to better protect email accounts used for sensitive information.

This is also the time of year when taxpayers may see scam emails from their tax software provider or others asking them to update online accounts.

Taxpayers who receive suspicious emails purporting to be from a tax software provider or from the IRS should forward them to phishing@irs.gov.

Department of Revenue warns of W-2 email phishing scam

The Minnesota Department of Revenue is warning all employers of a dangerous W-2 email phishing scam targeting human resources and payroll departments. The scam has evolved beyond the corporate world and is spreading to other sectors, including school districts, tribal organizations, and nonprofits.

Payroll and human resource professionals across the country have received emails purporting to be from an organization executive requesting employee W-2 information. The email often looks official to unsuspecting employees who then send the requested information, disclosing private employee information to an unauthorized party.

Nationally, about 100 businesses employing 126,000 individuals were hit by scammers last year. By comparison, about 80 businesses have already been targeted in the first month of this tax season.

This scam puts employees’ personal information at risk. Disclosing the information to unauthorized parties can lead to an increase in tax refund fraud as criminals use that information to file fraudulent returns in Minnesota and elsewhere. If an employee’s W-2 or other private information is stolen, it can lead to longer waits for refunds as we work to verify the employee’s tax return, and ensure the right refund goes to the right person.

“These tax information scams have evolved and grown more sophisticated over the last couple of years,” stated Revenue Commissioner Cynthia Bauerly. “Employers across Minnesota need to be on high alert for scams and have their employees trained on what to do if they think something is suspicious when dealing with requests for employee personal information.”

The department encourages all businesses to notify their employees of the scam and have procedures in place to ensure that W-2 and other personal information is not disclosed to unauthorized parties.

Stop. Connect. Confirm.

When a request for private/sensitive information is made, Stop. Connect. Confirm.

Stop – Stop for a moment before complying with the request and sending that information.

Connect – Connect with the person who sent you the request by phone or by walking over to see them. Do not respond to the email to get confirmation of the sender’s identity. The sender may be a criminal who has disguised their identity by spoofing your colleague’s email address.

Confirm – Confirm with the executive requesting the information that their request is legitimate.

If your employer notifies you that your W-2 or other personal information has been compromised:

File a Form 14039, Identity Theft Affidavit if your tax return is rejected because of a duplicate Social Security number or if instructed to do so by the Internal Revenue Service.

Tax preparers should be on alert

Additionally, tax professionals should be aware of a scam targeting their software and asking them to “unlock” their suspended software accounts. The scam attempts to get the preparers login and password credentials, which can compromise private taxpayer information. Tax professionals should report these scam emails to their tax software provider and the IRS by emailing a plain text version of the scam email to Phishing@IRS.gov.