Tax Filers Beware: It’s Tax-Scam Time

Tax Filers Beware: It’s Tax-Scam Time

It's tax time, which also means it’s tax-scam time. Similar to the heightened risks during the holidays, now is an important time to remain alert for unusual phishing activity.

Tax forms are a treasure trove of information, including names, addresses, social security numbers and wages. Accounting and financial personnel responsible for handling employee W-2’s are particularly at risk for being targeted this season. If someone in this role becomes victim, cybercriminals are rewarded with even greater gains.

However, any regular tax payer who files electronically should also be aware that you could be targeted, too. Using sophisticated phishing tactics, cybercriminals will attempt to gain access to your files and commit acts of fraud, such as filing fake tax returns to obtain a refund.

Scam Tactics

Spamming is a relatively cheap and easy way for cybercrimials to gain access to your information. They send hundreds of thousands of email messages across the globe, and it will turn a profit if the right messages get in front of just a few of the right targets.

There were reports this past holiday season of criminals luring users in with the promise of inexpensive gifts or information about a package in transit. Unsuspecting users respond with sensitive information like user names, passwords, and financial information. Users don’t even have to type anything in to give the criminals something to work with: merely clicking “unsubscribe” will prove to the criminal that your email address is valid. Your “unsubscribe” request is ultimately just an invitation to send more spam.

Another common tactic that has been reported is phone extortion. In a recent news release, ADP LLC, a national provider of human resource management software and services, said it has received numerous complaints from customers about being contacted for outstanding taxes. The scammers are spoofing phone numbers, and posing as representatives from the IRS, a payroll company like ADP, and other legitimate businesses. The scammers claim the person will be arrested if they do not pay for tax liabilities over the phone. This false urgency creates fear and scares people into giving up their information.

What can be done to prevent an attack?

Tax scams will continue to pop up at the start of every year, so it’s important to remind your financial staff and employees not to fall prey to them. The sophistication and increasing number of attacks point to the need to enforce stricter corporate policies. W-2’s and other sensitive personal information should not be shared via unencrypted email.

With the right technology in place, the right filters enabled, most scams can be blocked and/or spotted easily. In the event an employee does fall for these kinds of tax-related scams, it's important to take action as soon as the mistake is detected to help avoid further fraud from occurring.

Little can be done to prevent a criminal from picking up the phone or sending a bogus email, but here are a few things you can do to protect yourself and your business:

  • Know how the IRS initiates contact. They will never contact you by email, ever. They will never contact you by phone or text message. The will only initially contact you via mailed letter.
  • Question any suspicious communications. If you owe back taxes, or think you might, you should initiate the discussion. Call your tax professional, the IRS or the state tax department directly. A new online tool at IRS.gov also lets you look up unpaid taxes, penalties and interest.
  • Investigate directly. Don’t click the link to determine if it’s real or not. Type the URL into your browser and look for yourself. 
  • Never pay over the phone. Even if you owe, the IRS never asks for credit, debit, prepaid card or bank information via phone, email, text or social media. If someone does, just hang up on them.

For more information about how to identify phishing attacks and security best practices, contact your VCIO or visit the News page of our website.  

 

Related Articles:

ITS Email Newsletter Archive

© 2018 IT Solutions Consulting, Inc. All rights reserved. Privacy Statement
IT Solutions
Top