IRS Warns of Continued Scams, Varied Tactics as the Tax Deadline Nears
IR-2016-62, April 13, 2016
WASHINGTON — The Internal Revenue Service today issued a warning that scammers may try using the April 18 tax deadline to prey on hard-working taxpayers by impersonating the IRS and others with fake phone calls and emails. Even after the tax deadline passes, taxpayers should know the telltale signs of a scam and tips to protect themselves from a variety of phone scams and phishing emails.
"We’ve seen continuing activity in these scams throughout the filing season," said IRS Commissioner John Koskinen. "As the tax deadline nears, these criminals may try and trick honest taxpayers over the phone or via email, and people should remain vigilant. After the tax deadline, watch out for these scammers promising a refund or threatening you with an unexpected tax bill."
These scam artists frequently masquerade as being from the IRS, a tax company and sometimes even a state revenue department. By email, they try enticing people to click on links in official-looking messages containing questions related to their "tax refund." Report these emails to firstname.lastname@example.org. By phone, many scammers use threats to intimidate and bully people into paying a "tax bill." They may even threaten to arrest, deport or revoke the driver’s license of their victim if they don’t get the money.
Variations of these scams can be seen nationwide, and it’s more important than ever to be cautious with providing personal or financial information. As part of the effort to protect taxpayers, the IRS has teamed up with state revenue departments and the tax industry to make sure taxpayers understand the dangers to their personal and financial data as part of the “Taxes. Security. Together” campaign.
Some examples of the varied tactics seen this year are:
Soliciting W-2 information from payroll and human resources professionals (see news release IR-2016-34)
“Verifying” tax return information over the phone (IR-2016-40)
Pretending to be from the tax preparation industry (IR-2016-28)
There are some important reminders for taxpayers nationwide about these schemes.
Watch Out for Threatening Phone Calls
Beware of scammers making unsolicited calls claiming to be IRS officials. They demand that the victim pay a bogus tax bill. They con the victim into sending cash, usually through a prepaid debit card or wire transfer. They may also leave “urgent” callback requests through phone “robo-calls,” or via a phishing email.
Scammers often alter caller ID numbers to make it look like the IRS or another agency is calling. The callers use IRS titles and fake badge numbers to appear legitimate. They may use the victim’s name, address and other personal information to make the call sound official.
The IRS Will Never:
Call to demand immediate payment over the phone, nor will the agency call about taxes owed without first having mailed you a bill.
Threaten to immediately bring in local police or other law-enforcement groups to have you arrested for not paying.
Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
Require you to use a specific payment method for your taxes, such as a prepaid debit card.
Ask for credit or debit card numbers over the phone.
If you get a phone call from someone claiming to be from the IRS and asking for money and you don’t owe taxes, here’s what you should do:
Do not give out any information. Hang up immediately.
Contact TIGTA to report the call. Use their “IRS Impersonation Scam Reporting” web page or call 800-366-4484.
Report it to the Federal Trade Commission. Use the “FTC Complaint Assistant” on FTC.gov. Please add “IRS Telephone Scam” in the notes.
If you think you might owe taxes, call the IRS directly at 1-800-829-1040.
Avoid Email Phishing Attempts
There has been a surge in email scams this year that appear to be from a tax agency or a tax software company.
Never reply to emails, texts or pop-up messages asking for your personal, tax or financial information. One common trick by criminals is to impersonate a business such as your financial institution, tax software provider or the IRS, asking you to update your account and providing a link. For small business, these schemes may try impersonating a company leader and request payroll and human resource information for employees in your company. Never click on links even if they seem to be from organizations you trust. Go directly to the organization’s website.
And if it sounds too good to be true, it probably is. If you see an email that says "You won a free cruise" or "The IRS has a refund waiting for you," odds are high that it is a phishing attempt looking to get your personal information.
If you get a phishing email, remember this important advice:
Don’t reply to the message.
Don’t give out your personal or financial information.
Forward the email to email@example.com. Then delete it.
Don’t open any attachments or click on any links. They may have malicious code that will infect your computer.
More information on how to report phishing or phone scams is available on IRS.gov.
Fact sheet FS-2016-1, IRS, States and Tax Industry Combat Identity Theft and Refund Fraud on Many Fronts
FS-2016-2, IRS, States and Tax Industry Urge Taxpayers to Join the Effort to Combat Identity Theft
FS-2016-3, IRS Identity Theft Victim Assistance: How It Works
FS-2016-4, How New Identity Security Changes May Affect Taxpayers for 2016
Dangerous W-2 Phishing Scam Evolving; Targeting Schools, Restaurants, Hospitals, Tribal Groups and Others
WASHINGTON – The Internal Revenue Service, state tax agencies and the tax industry issued an urgent alert today to all employers that the Form W-2 email phishing scam has evolved beyond the corporate world and is spreading to other sectors, including school districts, tribal organizations and nonprofits.
In a related development, the W-2 scammers are coupling their efforts to steal employee W-2 information with an older scheme on wire transfers that is victimizing some organizations twice.
“This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme,’’ said IRS Commissioner John Koskinen.
When employers report W-2 thefts immediately to the IRS, the agency can take steps to help protect employees from tax-related identity theft. The IRS, state tax agencies and the tax industry, working together as the Security Summit, have enacted numerous safeguards in 2016 and 2017 to identify fraudulent returns filed through scams like this. As the Summit partners make progress, cybercriminals need more data to mimic real tax returns.
Here’s how the scam works: Cybercriminals use various spoofing techniques to disguise an email to make it appear as if it is from an organization executive. The email is sent to an employee in the payroll or human resources departments, requesting a list of all employees and their Forms W-2. This scam is sometimes referred to as business email compromise (BEC) or business email spoofing (BES).
The Security Summit partners urge all employers to be vigilant. The W-2 scam, which first appeared last year, is circulating earlier in the tax season and to a broader cross-section of organizations, including school districts, tribal casinos, chain restaurants, temporary staffing agencies, healthcare and shipping and freight. Those businesses that received the scam email last year also are reportedly receiving it again this year.
Security Summit partners warned of this scam’s reappearance last week but have seen an upswing in reports in recent days.
New Twist to W-2 Scam: Companies Also Being Asked to Wire Money
In the latest twist, the cybercriminal follows up with an “executive” email to the payroll or comptroller and asks that a wire transfer also be made to a certain account. Although not tax related, the wire transfer scam is being coupled with the W-2 scam email, and some companies have lost both employees’ W-2s and thousands of dollars due to wire transfers.
The IRS, states and tax industry urge all employers to share information with their payroll, finance and human resources employees about this W-2 and wire transfer scam. Employers should consider creating an internal policy, if one is lacking, on the distribution of employee W-2 information and conducting wire transfers.
Steps Employers Can Take If They See the W-2 Scam
Organizations receiving a W-2 scam email should forward it to firstname.lastname@example.org and place “W2 Scam” in the subject line. Organizations that receive the scams or fall victim to them should file a complaint with the Internet Crime Complaint Center (IC3,) operated by the Federal Bureau of Investigation.
Employees whose Forms W-2 have been stolen should review the recommended actions by the Federal Trade Commission at www.identitytheft.gov or the IRS at www.irs.gov/identitytheft. Employees should file a Form 14039, Identity Theft Affidavit, if the employee’s own tax return gets rejected because of a duplicate Social Security number or if instructed to do so by the IRS.
The W-2 scam is just one of several new variations that have appeared in the past year that focus on the large-scale thefts of sensitive tax information from tax preparers, businesses and payroll companies. Individual taxpayers also can be targets of phishing scams, but cybercriminals seem to have evolved their tactics to focus on mass data thefts.