Tax Scammers Phishing Attempts Getting More Bold
Amazingly, the IRS has seen an increase close to 400 percent in phishing and malware incidents so far this tax season.
The National Association of Enrolled Agents (NAEA), the association that represents tax practitioners licensed by the IRS, has member reports of emails that try to fool tax preparers into downloading supposed client tax documents from Dropbox accounts, as well as accounts of clients being emailed by crooks pretending they are tax preparers referred by a mutual acquaintance.
One notice that looks fairly convincing with the subject line “Your Tax Records are Inconsistent” asks recipients to “click here” on a dangerous link with IRS.gov in the URL. Enrolled agents report phishing emails with the subject line “Update Filing Info (IRS),” and there has even been a text message circulating which claims to be from the IRS and warns recipients to “Please visit www.irs.gov.confirmed44ID.us and avoid being fined.”
Rest assured, IRS will never text you! Or call or email out of the blue.
As if there weren’t already enough schemes out there to steal your identity, crooks have a new scam involving gaining access to employees’ tax forms W-2. In this scenario, emails are sent to human resources departments, supposedly from high-ranking company executives, requesting W-2s for a list of employees. Those forms have personal data that includes social security numbers. The scam was successful recently at Snapchat, a social media company in Venice, CA. Someone posing as Chief Executive Evan Spiegel requested W-2 data for nearly 700 current and past employees. Shortly after the information was sent, the HR employee became suspicious, but the information was already in the wrong hands.
“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data,” said IRS Commissioner John Koskinen. “If your CEO appears to be emailing you for a list of company employees, check it out before you respond. Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.”
NAEA has been sharing phishing scams with its members weekly since the beginning of the year in order to help them identify some of the more realistic emails. During this prime time for tax scams, enrolled agents encourage their clients to send them any suspicious emails and, above all, not to open or click on any emails from the IRS. The IRS will contact you by mail if it needs to reach you. Source: CPA Practice Advisor.