Back to top

IRS Warns of Continued Scams, Varied Tactics as the Tax Deadline Nears

Click here to go back

 

IRS Warns of Continued Scams, Varied Tactics as the Tax Deadline Nears

IR-2016-62, April 13, 2016

WASHINGTON — The Internal Revenue Service today issued a warning that scammers may try using the April 18 tax deadline to prey on hard-working taxpayers by impersonating the IRS and others with fake phone calls and emails. Even after the tax deadline passes, taxpayers should know the telltale signs of a scam and tips to protect themselves from a variety of phone scams and phishing emails.

"We’ve seen continuing activity in these scams throughout the filing season," said IRS Commissioner John Koskinen. "As the tax deadline nears, these criminals may try and trick honest taxpayers over the phone or via email, and people should remain vigilant. After the tax deadline, watch out for these scammers promising a refund or threatening you with an unexpected tax bill."

These scam artists frequently masquerade as being from the IRS, a tax company and sometimes even a state revenue department. By email, they try enticing people to click on links in official-looking messages containing questions related to their "tax refund." Report these emails to phishing@irs.gov. By phone, many scammers use threats to intimidate and bully people into paying a "tax bill." They may even threaten to arrest, deport or revoke the driver’s license of their victim if they don’t get the money.

Variations of these scams can be seen nationwide, and it’s more important than ever to be cautious with providing personal or financial information. As part of the effort to protect taxpayers, the IRS has teamed up with state revenue departments and the tax industry to make sure taxpayers understand the dangers to their personal and financial data as part of the “Taxes. Security. Together” campaign.   

Some examples of the varied tactics seen this year are:

  • Soliciting W-2 information from payroll and human resources professionals (see news release IR-2016-34)

  • “Verifying” tax return information over the phone (IR-2016-40)

  • Pretending to be from the tax preparation industry (IR-2016-28

    There are some important reminders for taxpayers nationwide about these schemes.

    Watch Out for Threatening Phone Calls

    Beware of scammers making unsolicited calls claiming to be IRS officials. They demand that the victim pay a bogus tax bill. They con the victim into sending cash, usually through a prepaid debit card or wire transfer. They may also leave “urgent” callback requests through phone “robo-calls,” or via a phishing email.

    Scammers often alter caller ID numbers to make it look like the IRS or another agency is calling. The callers use IRS titles and fake badge numbers to appear legitimate. They may use the victim’s name, address and other personal information to make the call sound official.

    The IRS Will Never:

  • Call to demand immediate payment over the phone, nor will the agency call about taxes owed without first having mailed you a bill.

  • Threaten to immediately bring in local police or other law-enforcement groups to have you arrested for not paying.

  • Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.

  • Require you to use a specific payment method for your taxes, such as a prepaid debit card.

  • Ask for credit or debit card numbers over the phone.

    If you get a phone call from someone claiming to be from the IRS and asking for money and you don’t owe taxes, here’s what you should do:

  • Do not give out any information. Hang up immediately.

  • Contact TIGTA to report the call. Use their “IRS Impersonation Scam Reporting” web page or call 800-366-4484.

  • Report it to the Federal Trade Commission. Use the “FTC Complaint Assistant” on FTC.gov. Please add “IRS Telephone Scam” in the notes.

  • If you think you might owe taxes, call the IRS directly at 1-800-829-1040.

    Avoid Email Phishing Attempts

    There has been a surge in email scams this year that appear to be from a tax agency or a tax software company. 

    Never reply to emails, texts or pop-up messages asking for your personal, tax or financial information. One common trick by criminals is to impersonate a business such as your financial institution, tax software provider or the IRS, asking you to update your account and providing a link. For small business, these schemes may try impersonating a company leader and request payroll and human resource information for employees in your company. Never click on links even if they seem to be from organizations you trust. Go directly to the organization’s website.

    And if it sounds too good to be true, it probably is. If you see an email that says "You won a free cruise" or "The IRS has a refund waiting for you," odds are high that it is a phishing attempt looking to get your personal information.

    If you get a phishing email, remember this important advice:

  • Don’t reply to the message.

  • Don’t give out your personal or financial information.

  • Forward the email to phishing@irs.gov. Then delete it.

  • Don’t open any attachments or click on any links. They may have malicious code that will infect your computer.

    More information on how to report phishing or phone scams is available on IRS.gov.

    Related Items:

  • www.irs.gov/identitytheft

  • Fact sheet FS-2016-1, IRS, States and Tax Industry Combat Identity Theft and Refund Fraud on Many Fronts

  • FS-2016-2, IRS, States and Tax Industry Urge Taxpayers to Join the Effort to Combat Identity Theft

  • FS-2016-3, IRS Identity Theft Victim Assistance: How It Works

  • FS-2016-4, How New Identity Security Changes May Affect Taxpayers for 2016 

     

Don't Take the Bait

Posted by Admin Posted on Aug 03 2017

Don’t Take the Bait  

WASHINGTON – The Internal Revenue Service, state tax agencies and the tax industry today warned tax professionals that ransomware attacks are on the rise worldwide as bad actors here and abroad infiltrate computer systems and hold sensitive data hostage.

The IRS is aware of a handful of tax practitioners who have been victimized by ransomware attacks. The Federal Bureau of Investigation recently cautioned that ransomware attacks are a growing and evolving crime threatening the private and public sectors as well as individuals.

The “Don’t Take the Bait” campaign, a 10-week security awareness campaign aimed at tax professionals, hopes to increase awareness about these attacks. The IRS, state tax agencies and the tax industry, working together as the Security Summit, urge practitioners to learn to protect themselves. This is part of the ongoing Protect Your Clients; Protect Yourself effort.

“Tax professionals face an array of security issues that could threaten their clients and their business,” IRS Commissioner John Koskinen said. “We urge people to take the time to understand these threats and take the steps to protect themselves. Don’t just assume your computers and systems are safe.” Ransomware is a type of malware that infects computers, networks and servers and encrypts (locks) data. Cybercriminals then demand a ransom to release the data. Users generally are unaware that malware has infected their systems until they receive the ransom request.

The 2017 Phishing Trends and Intelligence Report issued annually by Phish labs named ransomware one of two transformative events of 2016 and called its rapid rise a public epidemic.

In May 2017, a ransomware attack dubbed “WannaCry” targeted users who failed to install a critical update to their Microsoft Windows operating system or who were using pirated versions of the operating system. Within a day, criminals held data on 230,000 computers in 150 countries for ransom.

The most common delivery method of this malware is through phishing emails. The emails lure unsuspecting users to either open a link or an attachment. However, the FBI also has warned that ransomware is evolving and cybercriminals can infect computers by other methods, such as a link that redirects users to a website that infects their computer.

Victims should not pay a ransom. Paying it further encourages the criminals. Often the scammers won’t provide the decryption key even after a ransom is paid.

Tips to Prevent Ransomware Attacks

Tax practitioners – as well as businesses, payroll departments, human resource organizations and taxpayers – should talk to an IT security expert and consider these steps to help prepare for and protect against ransomware attacks:

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • For digital devices, ensure that security patches are installed on operating systems, software and firmware. This step may be made easier through a centralized patch management system.
  • Ensure that antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts — no users should be assigned administrative access unless necessary and only use administrator accounts when needed.
  • Configure computer access controls, including file, directory and network share permissions, appropriately. If users require read-only information, do not provide them with write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers, compression/decompression programs.
  • Back up data regularly and verify the integrity of those backups.
  • Secure backup data. Make sure the backup device isn’t constantly connected to the computers and networks they are backing up. This will ensure the backup data remains unaffected by ransomware attempts.

Victims should immediately report any ransomware attempt or attack to the FBI at the Internet Crime Complaint Center, www.IC3.gov. Tax practitioners who fall victim to a ransomware attack also should contact their local IRS stakeholder liaison

 

IR-2012-86, Nov. 4, 2012

WASHINGTON — As part of the administration’s continued support for states and local partners impacted by Hurricane Sandy, the Treasury Department and the Internal Revenue Service today announced that they will waive low-income housing tax credit rules that prohibit owners of low-income housing from providing housing to victims of Hurricane Sandy who do not qualify as low-income. The action will expand the availability of housing for disaster victims and their families.

Because of the widespread devastation to housing caused by Hurricane Sandy, the Treasury Department and the IRS will temporarily suspend income limitation requirements and non-transient requirements for qualified low-income housing projects that provide housing to victims of Hurricane Sandy.

The President has declared that major disasters exist in Connecticut, New York and New Jersey, making federal funding available to affected individuals in designated counties through the Federal Emergency Management Agency (FEMA). Assistance can include grants for temporary housing and home repairs, low-cost loans to cover uninsured property losses, and other programs to help individuals and business owners recover from the effects of the disaster. FEMA has also approved Transitional Sheltering Assistance (TSA) in New York and New Jersey for eligible disaster survivors who have a continuing need for shelter because they are unable to return to their homes for an extended period of time. Individuals and business owners who sustained losses can apply for assistance from FEMA by calling 1-800-621-FEMA (3362) via mobile device at m.fema.gov, or online at www.disasterassistance.gov.