By Michael Kaiser, Executive Director
The closer we get to April 15, the more we’ll be scampering around collecting receipts and crunching the numbers in hopes of receiving tax refunds. At the same time, cybercriminals and scammers will be working on ways to separate people from their hard-earned money.
Recently, the Internal Revenue Service (IRS) reported
that more that 360,000 individuals had been targeted by tax scammers since 2013. These tax cybercrimes include tax identity theft, phone scams and phishing.
In tax identity theft, a cybercriminal tries to get between the taxpayer and the IRS and divert the taxpayer’s refunds to his or her own account. Tax ID thieves usually file returns early, using taxpayers’ stolen personal information (name, address, social security number, date of birth) so that they might beat the legitimate taxpayers to submitting their tax returns.
The fake or imposter IRS scam usually works like this: a cybercriminal initiates a call to a taxpayer (often “spoofing” or making it look like a call is coming directly from the IRS on caller ID), claims that the taxpayer owes the IRS taxes and demands immediate payment. Usually, that payment will be requested in the form of a prepaid debit card or a wire transfer. Refusal to pay usually results in threats of arrest, deportation or loss of a business or driver's license. Cybercriminals also use other scams during tax season —inflated refunds, return preparer fraud and fake charities, to name a few. The IRS has posted a list of the dirty dozen tax scams
to avoid in the 2015 tax season.
Finally, don’t forget good old phishing — where cybercriminals use seemingly legitimate links in emails, online ads or social media messages to trick people into revealing personal information or click through links to sites with malware. For information on the ways scammers use the IRS brand to phish people, see this blog
by the Security Skeptic.
A recent article
in the Washington Post
indicates that some of the most popular online tax preparation programs also see high levels of fake or fraudulent returns because of a lack of adequate security measures.
So how does one prevent bad things from happening around the submission of their taxes?
- File your taxes as early as possible; this is one way to avoid ID theft and a good way to get your refund in a timely fashion.
- Get two steps ahead and use multi-factor authentication whenever it’s available. Multi-factor authentication, or two-step verification as it is sometimes called, requires an additional step, such as an SMS text to your phone with a one-time code that’s entered after you enter your username and password for an online account. Check with your online tax preparation service to see if it offers multi-factor authentication (it’s usually free, but you need to opt in). It’s good to enable two-step verification on your email account as well, since it’s a core account — if hacked, cybercriminals can easily access other accounts.
- When in doubt, throw it out. If you have any doubt about the authenticity of any message you receive over email, text or social media, delete it.
- Hang up on the bad guys. In the vast majority of cases, if the IRS has identified a problem, it will contact you first by mail. The IRS will never request payment by wire transfer, credit card or prepaid debit card.
The IRS’s help page is http://www.irs.gov/Help-&-Resources
Remember to always STOP. THINK. CONNECT.
: take security precautions, understand the potential consequences of your actions and behaviors and connect and enjoy the Internet.
Report scams to:
Check Out Some of Our Other Recent Blog Posts