Tax season is upon us, which means we need to be alert for cyber threats. Although it's important to be cautious throughout the year, cyber criminals have a tendency to escalate their mischief during the tax season. According to the Federal Trade Commission, tax-related identity theft is the most common type of identity theft. Here’s what you need to look out for.
IRS - Impersonation Phone Scams
According to the IRS, in recent years, thousands of individuals have lost millions of dollars to phone scams known as “Vishing” (voice phishing). Callers claiming to work for the IRS will insist that you owe money and that it needs to be paid immediately either through wire services or gift cards. These impersonators are trained to sound very persuasive as their goal is to trick you into sharing private information. They’ll usually alter the caller ID to make it appear as if the IRS is calling and use fake names and IRS ID badge numbers. When you don’t pick up, you’ll often receive a voicemail prompting you to call back urgently.
It’s important to know that if the IRS actually needs to get in touch with you, it’s usually done so through the mail. There are some circumstances where they will call, however, you’ll usually receive a letter, sometimes multiple, (referred to as notices) in the mail prior to the call. If you know you owe money, call the IRS at 1.800.829.1040 to work out any payment issues.
Email is another common form of contact used by cyber criminals during the tax season. They send emails intended to trick taxpayers into believing that they are receiving official messages from the IRS, or other professionals in the tax industry. The phishing email will typically ask the recipient to click on an embedded link to confirm your information, which will re-direct them to a fraudulent website disguised as a legitimate business website. This is referred to as website spoofing. Their ultimate goal is to obtain your personal information including passwords, credit card number, social security number, and use this sensitive information to commit fraud.
What you need to know is that a legitimate company won’t ask for personal information over email. When a legit company does contact you, they’ll address you by your name, whereas a phishing email will often use generic salutations like “Dear Valued Customer.” Be sure to check the domain name of the sender, not just their name, and check for any small alterations to the email address such as additional numbers and letters. Know that legit companies don’t send unsolicited attachments. Finally, look for grammatical errors, because this is a red flag that the email is fraudulent.
Ghost Tax Return Preparers
When you use a professional tax return service, you’ll see the Preparer Tax Identification Number (PTIN), which is an identification number on paperwork submitted to the IRS. A ghost preparer doesn’t sign a tax return they prepare, so you won’t see a PTIN. According to the IRS, ghost tax return preparers may also:
- Require a cash payment and provide no receipt
- Invent income to qualify their clients for tax credits
- Claim fake reductions to boost the size of the refund
- Direct refunds into their bank account, instead of the taxpayers account
When deciding on your tax return preparer, choose wisely. It’s imperative that the preparer has the appropriate credentials. Any preparer who promises a large refund that seems too good to be true is a red flag for fraudulent activity.
Remember, the IRS doesn’t initiate contact with taxpayers by email, text messages, or social media and request sensitive personal or financial information. When in doubt you can always call your trusted financial advisor. Understanding these red flags can save you from a lot of trouble in the future.