The IRS maintains a Tax Scams / Consumer Alerts page to educate and keep employers and employees up to date on the latest threats. The IRS is urging vigilance as they expect a surge in email, Phising, and Malware Schemes.
March 21, 2018:
IRS wraps up ‘Dirty Dozen’ list of tax scams for 2018; Encourages taxpayers to remain vigilant
2018 "Dirty Dozen" scams:
Phone Scams: IR-2018-40
Identity Theft: IR-2018-42
Return Preparer Fraud: IR-2018-45
Fake Charities: IR-2018-47
Inflated Refund Claims: IR-2018-48
Excessive Claims for Business Credits: IR-2018-49
Falsely Padding Deductions on Returns: IR-2018-54
Falsifying Income to Claim Credits: IR-2018-55
Frivolous Tax Arguments: IR-2018-58
Abusive Tax Shelters: IR-2018-62
Offshore Tax Avoidance: IR-2018-64
March 12, 2018 Alert:
Taxpayers alerted against falsely inflated refunds in ‘Dirty Dozen’ list; Seniors, many others at risk
IR-2018-48, March 12, 2018
WASHINGTON — The Internal Revenue Service warned taxpayers today to be alert to unscrupulous return preparers touting inflated tax refunds. These scam artists frequently prey on older Americans, low-income taxpayers and others with promises of big refunds.
These refund scams remain on the agency’s annual "Dirty Dozen" list of most prevalent tax scams.
Scam artists pose as tax preparers during tax time, luring victims by promising large federal tax refunds. They use flyers, advertisements, phony storefronts or word of mouth to attract victims. They may even make presentations through community groups or churches.
Scammers frequently prey on people who do not have a filing requirement, such as those with low incomes or older Americans. They may also prey on non-English speakers who may or may not have a requirement to file a tax return.
Con artists dupe people into making claims for fictitious rebates, benefits or tax credits. They may also file a false return in their client’s name, and the client never knows that a refund was paid.
Scam artists may also victimize those with a filing requirement who are due a refund. They do this by promising larger refunds based on fake Social Security benefits and false claims for education credits or the Earned Income Tax Credit (EITC) among others.
Those perpetrating these scams can see significant penalties and interest and possible criminal prosecution. To protect taxpayers, the IRS Criminal Investigation Division works closely with the Department of Justice to shutdown scams and prosecute the criminals behind them.
Falsely Claiming Zero Wages, Filing Phony Forms W-2, 1099
For years, the IRS has seen a series of contorted and creative efforts by scam artists who try to avoid taxes.
Filing a phony information return, such as a Form 1099 or W-2, is an illegal way to lower the amount of taxes owed. The use of self-prepared, “corrected” or otherwise bogus forms that improperly report taxable income as zero is illegal. So is an attempt to submit a statement rebutting wages and taxes reported by a third-party payer to the IRS.
Some people also attempt fraud using false Form 1099 refund claims. In some cases, individuals have made refund claims based on the bogus theory that the federal government maintains secret accounts for U.S. citizens and that taxpayers can gain access to the accounts by issuing 1099-OID forms to the IRS.
Taxpayers should resist the temptation to participate in any variations of this scheme. The IRS is aware of this scam, and the courts have consistently rejected attempts to use this tax dodge. Perpetrators receive significant penalties, imprisonment or both. Simply filing this type of return may result in a $5,000 penalty.
The IRS sometimes hears about scams from victims worried about losing their federal benefits, such as Social Security, veterans or low-income housing benefits. The loss of benefits comes as a result of false claims being filed with the IRS that provided incorrect income amounts.
Choose Tax Preparers Wisely
Honest tax preparers provide their customers a copy of the tax return they’ve prepared. Scam victims frequently are not given a copy of what was filed. Victims also report that the fraudulent refund is deposited into the scammer’s bank account. The scammers deduct a large “fee” before paying victims, a practice not used by legitimate tax preparers.
The IRS reminds taxpayers that they are legally responsible for what’s on their return even if it was prepared by someone else. Taxpayers who buy into such schemes can end up being penalized for filing false claims or receiving fraudulent refunds.
Taxpayers can help protect themselves by taking some simple steps before choosing a tax preparer. Start with the IRS Directory of Federal Tax Return Preparers with Credentials and Select Qualifications. This tool can help taxpayers find a tax return professional with the right qualifications. The Directory is a searchable and sortable listing of preparers registered with the IRS. It includes the name, city, state and zip code of:
Enrolled Retirement Plan Agents
Annual Filing Season Program participants
Also check the preparer’s history. Ask the Better Business Bureau about the preparer. Check for disciplinary actions and the license status for credentialed preparers. For CPAs, check with the State Board of Accountancy. For attorneys, check with the State Bar Association. For Enrolled Agents, go to IRS.gov and search for “verify enrolled agent status” or check the Directory.
To find more tips on choosing a tax professional, understanding the differences in credentials and qualifications, researching the IRS preparer directory or learning how to submit a complaint regarding a tax return preparer visit www.irs.gov/chooseataxpro.
March 6, 2018 :
Despite recent IRS warning, city school system falls victim to W-2 Phishing scam.
March 5, 2018 Alert:
Phishing Schemes Make IRS ‘Dirty Dozen’ List of Tax Scams for 2018; Individuals, Businesses, Tax Pros Urged to Remain Vigilant
IRS YouTube Videos:
IR-2018-39, March 5, 2018
WASHINGTON — Following continuing threats to taxpayers, the Internal Revenue Service today listed email “phishing” schemes as a top filing season concern and part of the annual listing of the “Dirty Dozen” tax scams for 2018.
The IRS warned taxpayers, businesses and tax professionals to be alert to fake emails or websites looking to steal personal information. These attempts can expand during tax season and remain a major identity theft threat.
Compiled annually by the IRS, the “Dirty Dozen” lists a variety of common scams that taxpayers may encounter any time of the year, but many of these schemes peak during filing season as people prepare their tax returns or seek help from tax professionals.
To help protect taxpayers, the IRS is highlighting each of these scams on 12 consecutive days to help raise awareness. The IRS also urges taxpayers to help protect themselves against identity theft by reviewing safety tips prepared the Security Summit, a collaborative effort between the IRS, states and the private-sector tax community.
“We urge taxpayers to watch out for these tricky and dangerous schemes,” said Acting IRS Commissioner David Kautter. “Phishing and other scams on the ‘Dirty Dozen’ list can trap unsuspecting taxpayers. Being cautious and taking basic security steps can help protect people and their sensitive tax and financial data.”
2018 Sees New Phishing Schemes
The IRS continues to see a steady onslaught of new and evolving phishing schemes as scam artists work to victimize taxpayers during filing season.
In a recent twist to a phishing scam, the IRS has seen thousands of taxpayers victimized by an unusual scheme that involves their own bank accounts. After stealing client data from tax professionals and filing fraudulent tax returns, the criminals use taxpayers' real bank accounts to direct deposit refunds. Thieves are then using various tactics to reclaim the refund from the taxpayers, including falsely claiming to be from a collection agency or representing the IRS. Phone calls, emails and web sites are used to make the scheme more elaborate. Versions of the scam may continue to evolve. The IRS encourages taxpayers to review some basic tips if they see an unexpected deposit in their bank account.
In addition, the IRS has seen email schemes in recent weeks targeting tax professionals, payroll professionals, human resources personnel, schools as well as individual taxpayers.
In these email schemes, criminals pose as a person or organization the taxpayer trusts or recognizes. They may hack an email account and send mass emails under another person’s name. Or they may pose as a bank, credit card company, tax software provider or government agency. Criminals go to great lengths to create websites that appear legitimate but contain phony log-in pages. These criminals hope victims will “take the bait” and provide money, passwords, Social Security numbers and other information that can lead to identity theft.
Fake emails and websites also can infect a taxpayer’s computer with malware without the user knowing it. The malware gives the criminal access to the device, enabling them to access all sensitive files or even track keyboard strokes, exposing login information.
For those participating in these schemes, such activity can lead to significant penalties and possible criminal prosecution. IRS Criminal Investigation works closely with the Department of Justice to shutdown scams and prosecute the criminals behind them.
Tax Pro Alert
Numerous data breaches in the past year mean the entire tax preparation community must be on high alert during filing season to any unusual activity. Criminals increasingly target tax professionals, deploying various types of phishing emails in an attempt to access client data. Thieves may use this data to impersonate taxpayers and file fraudulent tax returns for refunds.
As part of the Security Summit initiative, the IRS has joined with representatives of the software industry, tax preparation firms, payroll and tax financial product processors and state tax administrators to combat identity theft refund fraud to protect the nation's taxpayers.
The Security Summit partners encourage tax practitioners to be wary of communicating solely by email with potential or even existing clients, especially if unusual requests are made. Data breach thefts have given thieves millions of identity data points including names, addresses, Social Security numbers and email addresses. If in doubt, tax practitioners should call to confirm a client’s identity.
What to Do with Phishing Attempts
If a taxpayer receives an unsolicited email that appears to be from either the IRS or an organization closely linked to the IRS, such as the Electronic Federal Tax Payment System (EFTPS), they should report it by sending it to email@example.com. Learn more by going to the Report Phishing and Online Scams page on IRS.gov.
Tax professionals who receive unsolicited and suspicious emails that appear to be from the IRS or related to the e-Services program also should report it by sending it to firstname.lastname@example.org.
It is important to keep in mind the IRS generally does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.
February 13, 2018 Alert:
Scam Alert: IRS Urges Taxpayers to Watch Out for Erroneous Refunds; Beware of Fake Calls to Return Money to a Collection Agency
WASHINGTON – The Internal Revenue Service today warned taxpayers of a quickly growing scam involving erroneous tax refunds being deposited into their bank accounts. The IRS also offered a step-by-step explanation for how to return the funds and avoid being scammed.
Following up on a Security Summit alert issued Feb. 2, the IRS issued this additional warning about the new scheme after discovering more tax practitioners’ computer files have been breached. In addition, the number of potential taxpayer victims jumped from a few hundred to several thousand in just days. The IRS Criminal Investigation division continues its investigation into the scope and breadth of this scheme.
These criminals have a new twist on an old scam. After stealing client data from tax professionals and filing fraudulent tax returns, these criminals use the taxpayers' real bank accounts for the deposit.
Thieves are then using various tactics to reclaim the refund from the taxpayers, and their versions of the scam may continue to evolve.
Different Versions of the Scam
In one version of the scam, criminals posing as debt collection agency officials acting on behalf of the IRS contacted the taxpayers to say a refund was deposited in error, and they asked the taxpayers to forward the money to their collection agency.
In another version, the taxpayer who received the erroneous refund gets an automated call with a recorded voice saying he is from the IRS and threatens the taxpayer with criminal fraud charges, an arrest warrant and a “blacklisting” of their Social Security Number. The recorded voice gives the taxpayer a case number and a telephone number to call to return the refund.
As it did last week, the IRS repeated its call for tax professionals to step up security of sensitive client tax and financial files.
The IRS urged taxpayers to follow established procedures for returning an erroneous refund to the agency. The IRS also encouraged taxpayers to discuss the issue with their financial institutions because there may be a need to close bank accounts. Taxpayers receiving erroneous refunds also should contact their tax preparers immediately.
Because this is a peak season for filing tax returns, taxpayers who file electronically may find that their tax return will reject because a return bearing their Social Security number is already on file. If that’s the case, taxpayers should follow the steps outlined in the Taxpayer Guide to Identity Theft. Taxpayers unable to file electronically should mail a paper tax return along with Form 14039, Identity Theft Affidavit, stating they were victims of a tax preparer data breach.
February 8, 2018 Alert:
The IRS Urges Vigilance as Cybercriminals are Increasingly Hunting for Personal Data from Businesses and Homes.
Last year, multiple data breaches from outside the tax system means cybercriminals have basic information on millions of Americans, such as names, Social Security numbers and addresses. The steps taken by the Security Summit partners since 2015 help protect against fraudulent tax filings that use this basic data. As the IRS and Security Summit partners have strengthened their defenses, identity thieves are looking to steal more detailed financial information to help provide a more detailed, realistic tax return to better impersonate legitimate taxpayers. Because they need more personal data, cyberthieves increasingly are targeting tax professionals, human resource departments, businesses and other places that have large amounts of sensitive financial information. The IRS continues to see a number of these schemes in attempts to get taxpayer W-2 information from tax professionals and employers.
Everyone must be vigilant and alert. Both taxpayers and tax professionals are encouraged to:
Use Security Software. Always use security software with firewall and anti-virus protections. Make sure the security software is always turned on and can automatically update. Encrypt sensitive files, such as tax records, stored on computers. Use strong, unique passwords for each account.
Watch out for scams. Learn to recognize and avoid phishing emails, threatening calls and texts from thieves posing as legitimate organizations such as banks, credit card companies and even the IRS or a tax software firm. Do not click on links or download attachments from unknown or suspicious emails.
Protect personal data. Don’t routinely carry Social Security cards and make sure tax records are secure. Shop at reputable online retailers. Treat personal information like cash; don’t leave it lying around.
For more information, see www.irs.gov/identitytheft.
January 17, 2018 Alert:
A recent scam alert warns that Cybercriminals pose as executives (who are often identified on the organization website) and send emails from spoofed email accounts to payroll personnel requesting copies of Forms W-2 for all employees. Read the full alert below for a full description of the scam and what to do if you are victimized.
IRS, States and Tax Industry Warn Employers to Beware of Form W-2 Scam; Tax Season Could Bring New Surge in Phishing Scheme
IR-2018-8, Jan. 17, 2018
WASHINGTON – The Internal Revenue Service, state tax agencies and the tax industry today urged all employers to educate their payroll personnel about a Form W-2 phishing scam that made victims of hundreds of organizations and thousands of employees last year.
The Form W-2 scam has emerged as one of the most dangerous phishing emails in the tax community. During the last two tax seasons, cybercriminals tricked payroll personnel or people with access to payroll information into disclosing sensitive information for entire workforces. The scam affected all types of employers, from small and large businesses to public schools and universities, hospitals, tribal governments and charities.
Reports to email@example.com from victims and nonvictims about this scam jumped to approximately 900 in 2017, compared to slightly over 100 in 2016. Last year, more than 200 employers were victimized, which translated into hundreds of thousands of employees who had their identities compromised.
By alerting employers now, the IRS and its partners in the Security Summit effort hope to limit the success of this scam in 2018. The IRS last year also created a new process by which employers should report these scams. There are steps the IRS can take to protect employees, but only if the agency is notified immediately by employers about the theft.
Here’s how the scam works: Cybercriminals do their homework, identifying chief operating officers, school executives or others in positions of authority. Using a technique known as business email compromise (BEC) or business email spoofing (BES), fraudsters posing as executives send emails to payroll personnel requesting copies of Forms W-2 for all employees.
The Form W-2 contains the employee’s name, address, Social Security number, income and withholdings. Criminals use that information to file fraudulent tax returns, or they post it for sale on the Dark Net.
The initial email may be a friendly, “hi, are you working today” exchange before the fraudster asks for all Form W-2 information. In several reported cases, after the fraudsters acquired the workforce information, they immediately followed that up with a request for a wire transfer.
In addition to educating payroll or finance personnel, the IRS and Security Summit partners also urge employers to consider creating a policy to limit the number of employees who have authority to handle Form W-2 requests and that they require additional verification procedures to validate the actual request before emailing sensitive data such as employee Form W-2s.
If the business or organization victimized by these attacks notifies the IRS, the IRS can take steps to help prevent employees from being victims of tax-related identity theft. However, because of the nature of these scams, some businesses and organizations did not realize for days, weeks or months that they had been scammed.
The IRS established a special email notification address specifically for employers to report Form W-2 data thefts. Here’s how Form W-2 scam victims can notify the IRS:
Email firstname.lastname@example.org to notify the IRS of a Form W-2 data loss and provide contact information, as listed below.
In the subject line, type “W2 Data Loss” so that the email can be routed properly. Do not attach any employee personally identifiable information data.
Include the following:
Business employer identification number (EIN) associated with the data loss
Contact phone number
Summary of how the data loss occurred
Volume of employees impacted
Businesses and organizations that fall victim to the scam and/or organizations that only receive a suspect email but do not fall victim to the scam should send the full email headers to email@example.com and use “W2 Scam” in the subject line.
Employers can learn more at Form W-2/SSN Data Theft: Information for Businesses and Payroll Service Providers.
Employers should be aware that cybercriminals’ scams constantly evolve. Finance and payroll personnel should be alert to any unusual requests for employee data.