In an effort to help satisfy your bank’s annual requirement to educate customers, we wanted to share the following security bulletin to easily post on your website for public notice.
The IRS is urging all Americans to be vigilant to these threats, especially during the pandemic and its aftermath. Here is the link for the official IRS release of top 2020 tax scams – its annual ‘Dirty Dozen’ scams for taxpayers to be aware of: IRS “Dirty Dozen” list of tax scams for 2020
Here’s a quick summary of the Dirty Dozen:
- Phishing scams – especially COVID-related. Be alert to potential fake emails or websites looking to steal personal information. The IRS will never initiate contact with taxpayers via email about a tax bill, refund or Economic Impact Payments (EIP). IRS Criminal Investigation has seen a tremendous increase in phishing schemes utilizing emails, letters, texts and links using keywords such as “coronavirus,” “COVID-19” and “Stimulus” in various ways.
- Fake charities. Criminals frequently exploit natural disasters and other situations, such as the current COVID-19 pandemic, by setting up fake charities to steal from people trying to help in times of need. Fraudulent schemes normally start with unsolicited contact by telephone, text, social media, e-mail or in-person using a variety of tactics. Bogus websites use names similar to those of legitimate charities to trick people to send money or provide personal financial information.
- Threatening IRS impersonator phone calls. Bogus and threatening phone calls from a criminal claiming to be with the IRS are common. The IRS will never threaten a taxpayer or demand immediate payment, ask for financial information over the phone, or call about an unexpected refund or Economic Impact Payment (EIP).
- Social media scams. Frequently use events like COVID-19 to try tricking people. Social media enables anyone to share information with anyone else on the Internet and scammers use that information for a wide variety of scams.
- EIP or refund theft. Criminals turned their attention to stealing EIPs (one-time payments to taxpayers provided by the Coronavirus Aid, Relief, and Economic Security (CARES) Act). Criminals use stolen information to file false tax returns or supply other bogus information to the IRS to divert refunds to wrong addresses or bank accounts.
- Senior fraud. Older Americans’ increasing engagement with social media gives scammers another way to engage with seniors, and they need to be alert for a continuing surge of fake emails, text messages, websites and social media attempts to steal personal information.
- Scams targeting non-English speakers. These scams are often threatening in nature. A common IRS impersonation scam involves a taxpayer receiving a telephone call threatening jail time, deportation or revocation of a driver’s license from someone claiming to be with the IRS.
- “Ghost” and other bad return preparers. “Ghost” return preparers don’t sign the tax returns they prepare. They may print the prepared tax return and tell the taxpayer to sign it and mail it to the IRS, or not digitally sign an e-filed return as a paid preparer. By law, paid preparers must sign and include their Preparer Tax Identification Number (PTIN) on returns.
- Tax debt resolution companies. Beware of tax debt resolution companies that exaggerate their ability to settle tax debts for “pennies on the dollar” through an offer in compromise (OIC). An OIC allows a taxpayer to settle a tax debt for less than the full amount owed; it may be a legitimate option if the taxpayer can’t pay the full tax liability or doing so creates a financial hardship.
- Fake payments with repayment demands. Criminals are putting a bogus refund into the taxpayer’s actual bank account. Here’s how the scam works: the scammer files a bogus tax return and has the refund deposited into the taxpayer’s checking or savings account. Once the direct deposit hits the taxpayer’s bank account, the scammer calls the taxpayer posing as an IRS employee and asks the taxpayer to return the money via a specific type of gift cards for the amount of the refund. The IRS will never demand payment by a specific method.
- Payroll and HR scams. Tax professionals, employers and taxpayers s be on guard against phishing designed to steal Form W-2s and other tax information, particularly now with many businesses closed and their employees working from home due to COVID-19. The most common types of these scams are the gift card scam and the direct deposit scam.
- Ransomware is malware that, once downloaded, looks for and locks critical or sensitive data on the victim’s computer with its own encryption. In some cases, entire computer networks can be adversely impacted. Scammers may use a phishing email to trick a potential victim into opening a link or attachment containing the ransomware. These emails may include solicitations to support a fake COVID-19 charity or allegedly contain information about Economic Impact Payments.
IRS-Recommended Protective Measure
The IRS Information Release also recommends that taxpayers and tax professionals use the free, multi-factor authentication feature available with their tax preparation software to protect against data thefts. According to the IRS, multi-factor authentication means returning users must enter their username/password credentials plus another data point that only they know, such as a security code sent to their mobile phone.