Authored by Paul Dillon, Michelle Hobbs and Mike Schiavo
Tax-related identity theft continues to be a problematic issue and is becoming more dangerous as scammers adapt to preventive measures taken by the IRS and law enforcement. Thieves work year-round to steal personal identification, bank or investment account balances, and tax payments or refunds.
This year’s stimulus payments and tax law changes are providing scammers additional opportunities to attempt to deceive taxpayers into giving them access to their computers and personal information. Email, telephone calls, text messages and social media channels are all used to persuade or intimidate taxpayers into providing such data. With the extension to May 17 for the April 15 deadline, this alert is to remind taxpayers to remain vigilant in protecting sensitive information throughout the year.
One of the most recent schemes involves emails supposedly containing tax documents. Hackers entice the recipients to open embedded attachments, which then release malware onto computers capable of stealing personal data and possibly even tax refunds.
Taxpayers receive an email seemingly from a trusted source containing documents purported to be related to their tax return. If opened, these attachments appear blurry on the screen and a “helpful” prompt pops up asking the viewer to click through to edit the documents. Under the guise of viable software, often even including fake service package offerings, promotions and sales, the taxpayer, instead, downloads onto their computer invasive malware, which now allows scammers to steal personal data and potentially access connected or related computers.
Taxpayers should also be aware of multiple types of pandemic-related scams. Hackers use phishing schemes via email, letters, texts and links coupled with COVID-19 or other pandemic-related language to obtain personal identifying data, passwords and other login information in order to steal economic impact payments and other stimulus benefits. Fake charities are another mechanism thieves are using to play on people’s emotions and instead steal money and identifiable information.
In the refund scam, perpetrators execute the heist by stealing taxpayer data and using it to file fraudulent returns by posing as the taxpayers. Overpayments are refunded via direct deposit into the taxpayers’ bank accounts. Then the thieves contact the taxpayers, stating the refunds were deposited in error and ask that they be returned.
The IRS identified two versions of the scam and warned that it may continue to evolve:
The scheme has been listed by the IRS as one of the “Dirty Dozen” scams identified annually, raising awareness of the many varieties of theft attempted most often during return filing season. Perpetrators alter caller ID numbers, use IRS employee titles and fake badge numbers, and reference the taxpayer’s name, address and other personal information in an effort to make the calls appear legitimate.
Recently, the IRS has seen email schemes targeting tax professionals, payroll professionals, human resources personnel, school systems and individual taxpayers.
In these email schemes, criminals pose as a person or organization the taxpayer trusts or recognizes. They may hack an email account and send mass emails under another person's name. They also pose as a bank, credit card company, a tax software provider or government agency.
These schemes focus on employees rather than the taxpayer directly. Thieves target employees’ roles at work, especially human resources or finance-related roles. They mask their communications to appear to be coming from a boss or co-worker, or from a trusted business associate, such as a payroll provider. They then request information instead of money, typically, employee data such as W-2 forms.
Identity thieves often go to great lengths to create websites that appear legitimate but contain phony login pages. Fake emails and websites also can infect a taxpayer's computer with malware without the user knowing, thereby giving thieves’ access to the computer. Recognizing a plot is critical to prevent further damage. Things to consider include:
Keep in mind, the IRS generally conducts its correspondence via the U.S. mail. In addition,
If contacted by any of the above methods or any semblance thereof, taxpayers should:
Taxpayers can take a number of steps to help prevent identity theft:
For more, see the IRS Taxpayer Guide to Identity Theft.
For more information on these topics, or to learn how Baker Tilly tax specialists can help, contact our team.
The information provided here is of a general nature and is not intended to address the specific circumstances of any individual or entity. In specific circumstances, the services of a professional should be sought. Tax information, if any, contained in this communication was not intended or written to be used by any person for the purpose of avoiding penalties, nor should such information be construed as an opinion upon which any person may rely. The intended recipients of this communication and any attachments are not subject to any limitation on the disclosure of the tax treatment or tax structure of any transaction or matter that is the subject of this communication and any attachments.