The Focus - Our Tax E-Newsletter
Common Scams and Safety Precautions
Tax season is here yet again and the cyber criminals have been working nonstop to hold data ransom, steal identities, and collect refund checks.
The worst and most ingenious attack was the 2020 SolarWinds breach that left our United States Government and many worldwide fortune 500 companies exposed to Russian hackers. SolarWinds is an expensive network monitoring program used by large companies (mainly because of its cost) to help maintain the security of their networks. The Russian hackers came up with the idea to infiltrate the SolarWinds system thus giving them access to any company that uses the product. This breach was highly effective and critically influenced local, state and federal agencies in the US, in addition to private companies including Microsoft.
It has been a busy year for the IT departments and it is not going to slow anytime soon. In fact, you may have already received remnants of past large data breaches with the new unemployment scam that has been around since last summer. Employees in your office and/or your HR department may have received a letter from the state saying that they filed for unemployment recently. This is a direct result of social security numbers that were compromised years ago. It is important to be aware of the scams happening around us and always erring on the side of security, especially with all that is going on in the world today.
COVID-19 Consumer Scams
As COVID-19 continues to affect the United States we are now seeing scams that are aimed to prey on virus-related fears. The pandemic has opened up a wide-range breach of data specifically targeting hospitals and medical practices, in addition to the plethora of fake COVID phishing attacks designed to steal our passwords. Below are some of the common COVID-19 Consumer Scams we are seeing.
- COVID Vaccine Scams – Calls or texts asking you to pay for a vaccine.
- COVID Text Scams - Texts falsely advertising a cure or offer fake tests.
- Robocall Scams – Robocalls focused on health and financial concerns connected to COVID-19.
- Delivery Notification Scams – Calls or texts notifying you of a fake delivery. As online shopping increased, so have the delivery notification scams.
- Insurance Fraud – Calls fishing for insurance information, money or both and can come in the form of antibodies test scams or pharmacy scams.
- Contact Tracing Scams – Texts or calls impersonating contact tracers and claiming the contacted party has been exposed to COVID-19 and needs to act quickly.
- Senior Targeted Scams - Robocall and text scammers specifically targeting older Americans with concerns about health and finances.
- Peer-to-peer (P2P) Mobile Payment App Scams - Communications to create quick misstep in P2P app and can come in the form of fake charitable donations using P2P app.
Tax scams occur every year during tax season. Scams are also known to become more persistent during times of crisis. As we are now going through another tax season during the COVID pandemic, it is vital that you stay alert for different types of scams affecting taxpayers. Below are some tax scams to lookout for:
- Fee for Stimulus Check - This has been a recent scam related to the ongoing government response to COVID and will continue to be a prevalent with Congress aiming to pass another relief bill. Many taxpayers will qualify for a stimulus check, but be aware that you do not have to pay a fee in order to receive the money.
- Claiming to Suspend Your SSN - As we know, scams related to SSNs have been around for a long time and are unfortunately not going away as these scammers become more creative and manipulative. According to the IRS the most recent SSN scam is the scammers claiming that they will suspend or cancel your SSN. The purpose of this scam is to intimidate you to answer or return the phone call. Should this happen to you, you should immediately hang up and block the number.
- IRS Impersonation Emails - A common tactic among scammers are phishing scams. Specifically during tax season, scammers will send a very legitimate-looking email that appear to be from the IRS. The emails have links that will show an IRS.gov-like website with details about your tax refund, electronic return or tax account. The email will also contain a “temporary password” to “access” the files to submit the refund but this is a malicious file. Always remember the IRS will not send you emails about your tax information.
- Identity Theft - Be careful who you give your personal and financial information too. Scammers may reach out via email or phone call posing as the IRS, but a real IRS agent will not do this. One possible end goal of the scammers is to try to steal your personal information, file a fake tax return, and collect your refund. More than 89,000 taxpayers filed a complaint last year reporting identity theft tax fraud, making it the most reported type of fraud in 2020.
- Natural Disaster Scams - Scammers might try to take advantage of the generosity of taxpayers in these difficult times who want to help those effected by natural disasters. Be wary of unsolicited calls, contact through social media, fake websites, or emails asking for money on behalf of a charity. Extensive information on disaster related tax issues and legitimate charities can be found on the IRS website.
- Calls from the Taxpayer Advocate Service - As we all know the IRS phone impersonation scams have been around for a while, but this year there is new one to be on the lookout for. The scammers are now claiming to be from the Taxpayer Advocate Service (TAS). The TAS will also never contact you through phone calls, the taxpayer will always have to contact the TAS first.
The IRS will NEVER…
We never want our clients to become victim of these scammers; therefore remembering these tips will help protect you against them:
- The IRS will not call you requesting personal or financial information; they will first make contact through the mail. They will also not email you, text you, contact you through social media, or leave a prerecorded voicemail.
- The IRS will never call to demand immediate payment using a specific payment such as a prepaid debit card or gift card. There are many options to available to pay a tax bill, but the IRS does not support those methods of payment.
- The IRS will never threaten to immediately bring in the local authorities to arrest you for not paying. They do not have the authority to revoke your driver's license, business license, or immigration status.
- The IRS will never call you about an unexpected refund or ask for your debit or credit card numbers over the phone.
- The IRS will never demand that taxes be paid without giving the taxpayers the opportunity to question or appeal the proposed amount due. This is established in the Taxpayers Bill of Rights, which outlines what the IRS can and can't do.
Please use the IRS website to locate the email to report IRS or Treasury related fraudulent calls in order to mitigate these scammers. Taxpayers can also contact the TIGTA to report fraudulent phone calls using their website or by calling them. Lastly, taxpayers can also report it to the Federal Trade Commission using their website.
Ways to Protect Yourself
- Only work with tax professionals that you trust and will sign your return. Them refusing to sign your return even though they prepared it is a red flag.
- Never give personal or financial information to strangers through email or over the phone.
- Never download attachments or click on links from emails supposedly from the IRS.
- Check your bank account and credit card statements regularly for any questionable activity.
- File your tax return early, which would limit the opportunity for someone else to do it with your identity.
- Get an Identity Protection Personal Identification Number. You apply and get this directly from the IRS, meaning this unique number is another piece of information scammers would need before committing fraud against you.
- Change your passwords regularly (every 3 months) on both your work and personal accounts.
No amount of money or enhanced security is going to stop any of this from happening. The best we can all do at this point is be vigilant. Do not give into curiosity with emails; If an email does not look legitimate, it is probably not. If you are on the fence, call the sender directly to verify it. If you get a phone call or a message on your screen from someone saying your computer is infected, call your IT department first. If you have any questions or concerns about scams, please do not hesitate to contact a trusted Dermody, Burke and Brown tax advisor.
Christopher Hannan is the Director of IT and IT Auditor at Dermody, Burke & Brown. He is an IT expert, with over 20 years’ experience in the electronic industry, and is the owner of Optimal Technologies, LLC. Christopher is experienced in Network Engineering, Design, Auditing, Forensic Analysis, Communications and Security. His certifications include Microsoft, CISCO, HP and IBM.
The information reflected in this article was current at the time of publication. This article will not be modified or updated for any subsequent tax law changes, if any.