By: Eric R. Elmore
It’s been a full year since the Tax Cuts and Jobs Act of 2017 was passed. And, while the IRS and tax professionals continue to dissect it, scam artists are busy plotting to take advantage of the confusion to steal your money and identity. Today, we’ll discuss a few of their go-to scams and some new ones that have surfaced. Let's get at it!
The level of sophistication some scammers have achieved is impressive. Nearly every part of our lives requiring a transaction is at risk. Email, downloads, text messaging, online shopping and phone calls are all possible entry points into our personal information. Scammers count on our increased use of these mediums to determine the right moment to strike. There are an endless number of tricks in existence. Below are a few scams of which the IRS warns us to be vigilant.
Phishing is a type of scam where criminals, appearing to be from a legitimate company, ask you to provide sensitive information. These have become even harder to spot as some emails now come from addresses familiar to you, like a family member or work colleague, and even have company logos affixed. The content of the emails can even be tailored to your line of work.
When you receive a suspicious email, look for common cues of illegitimacy like bad grammar or misspellings, a wrong phone number in the signatory line, or no context around the request for you to click a link or provide information. Upon receiving these emails, simply delete them without clicking on anything in the email and alert your IT administrator, if you are at work. Also, if you are unsure of the authenticity of the email from a friend or colleague, simply call them to ask if they emailed.
Not all phishing attempts are emails—some are phone calls. A more common scam is a person pretending to be from the IRS threatening immediate arrest or property seizure if back taxes are not paid by credit card. Don’t take the bait! The IRS regularly alerts taxpayers that it does not call with aggressive threats of arrests or property seizure. Nor does it initiate contact via email, text messaging or phone calls to collect personal or financial information.
The Power of Passwords
Everyone who uses online accounts, from banking to shopping, uses passwords. Though it’s been said often before, use strong passwords for these accounts. Avoid using birthdays, addresses, or other information closely and commonly connected to you. Scammers often know these details about you and, through deductive reasoning, can figure out a password if it’s something like a birthday or name of a child or spouse.
Some experts recommend the use of a “passphrase” instead of a password. Passphrases can consist of a favorite movie line or series of associated words. For example, instead of your son’s first name and date of birth, consider “RaidersOfTheLostArk” if that is his favorite movie, or “IndyHatesSnakes.” But make sure it is something you can remember or use a secure password manager app. It is not recommended you keep passwords in your phone or computer contacts. You can find free password manager apps in the Apple Store or Google Play Store.
Variety—using a different password for different accounts—is also a way to help stave off would-be scammers. For example, if have a favorite book, movie or TV show, consider using different character names or quotes as passphrases for different accounts. The idea is to create passwords or passphrases that are unique to you; ones where it is near impossible for a scammer to guess, but easy for you to remember.
Small business identity theft is big business for identity thieves. Just like individuals, businesses are targets for identity theft. The information is often used to open bogus credit accounts and file fraudulent tax returns for bogus refunds. Employers also hold sensitive data on employees, such as Form W-2 data, which is also highly coveted by thieves.
Stolen Employer Identification Numbers (EINs) have long been used to create phony W-2s used to file fraudulent tax returns, all unbeknownst to the employer and employee, often until it is too late.
In recent years, a more dangerous W-2 scam has surfaced. An email appears to be from an executive to a payroll or HR employee. Familiarity of the email address and the casual tone of the email create the opportunity to drop one’s guard and fulfill the request. By the end of the exchange, all an organization’s Forms W-2 for their employees may have been compromised. If you believe your company has been a victim of this scam, the IRS has a special email address set up to report it at firstname.lastname@example.org.
These scams are serious business and can wreak havoc in your financial life and your business operations. Be vigilant for these occurrences and when in doubt, hang up the phone or delete the email or text message. If you think you may have fallen victim to a tax scam, alert your tax advisor immediately. Acting on your behalf, your advisor can often make headway faster that you can.