It’s that time of year again and the possibility of phishing scams takes the usual tax-time anxiety to a whole new level as the Internal Revenue Service warns that fraudulent tax professionals are behind tax-related identity theft and financial harm. These phishing and related scams are designed to trick the recipient into disclosing personal information such as passwords and bank account, credit card, and Social Security numbers, or into sending gift cards or wire transfers to the scammer. US consumers and companies should be extra vigilant, know the different phishing terms, and be aware of what the scams might look like:
- Phishing/smishing – Phishing (emails) and smishing (SMS/texts) attempt to trick the recipient into providing sensitive information or downloading malware — i.e., malicious software — by clicking a link. Phishing emails are often sent to multiple email addresses at an organization to increase the chance someone will fall for the trick.
- Spear phishing – This email phishing scam is more specific in that it targets potential victims individually and delivers a more effective email known as a "lure." These types of scams can be harder to because they are personalized, which makes the email seem more legitimate.
- Whaling – Whaling attacks generally target leaders or other executives with access to large amounts of sensitive information at an organization or business. Whaling attacks can also target human resources or accounting office personnel.
Common Tax Methods
Fraudsters use a wide array of different themes in their campaigns, which often look like ordinary business communications. Your personnel should be able to spot attempts to prevent the disclosure of credentials or other financial and business assets.
- Charity Impersonators, COVID-19 Pandemic Scam, Credits and Refund Misinformation
- Disaster Fraud, Dishonest Tax Preparers, Email and Text Message Impersonators, Senior Fraud
- Social Media Bad Tax Advice and Scams, Tax Debt Settlement and/or Relief Services
- Unclaimed Tax Refund, Unemployment Claims Identity Theft, Unexpected Tax Bill, W-2 Form Fraud
The IRS and tax preparers continue to see attacks that exploit cloud-based applications.
- These cloud-related schemes trick their victims with realistic-looking phishing emails that contain links to websites that mimic cloud storage sites. These sites look legitimate but are frauds designed to collect the tax preparer's, which the threat actor uses to access the real cloud storage site.
- Tax professionals using cloud-based applications are warned to store information or run tax preparation software using multi-factor authentication to help safeguard data. Multi-factor authentication requires at least two forms of identity, such as a password and a fingerprint, providing an extra layer of security.
Red flags When Choosing a Tax Professional
“Ghost” Preparers - The IRS requires that paid tax preparers sign returns. Unscrupulous “ghost” preparers, however, have the taxpayer sign and send the IRS their tax returns. These scammers often promise large refunds or charge low fees based on the refund amount. These red flags of unethical behavior can indicate fraud. Be mindful, if it doesn’t feel legit it probably isn’t.
Valid ID for Tax Preparers - Taxpayers should always choose a tax preparer with a valid Preparer Tax Identification Number (PTIN). By law, anyone who is paid to prepare or assists in preparing federal tax returns must have a valid PTIN. Paid preparers must sign and include their PTIN on any tax return they prepare.
Reporting an IRS Impersonator - The IRS doesn’t initiate contact by email, text, phone, or social media to request personal or financial information, and you can verify a suspicious message with the IRS. If you think it’s a scam, report it.
If you think you have been scammed:
- If your Social Security number or individual tax identification number was stolen, immediately report it to IdentityTheft.gov.
- Contact your institution immediately so they can act and provide recommendations.
- Report suspicious activity to the Internet Crime Center, www.ic3.com, and/or your local law enforcement agency.