During tax time, phishing attempts are high. We always hear about how to not fall for online scams but, in our technologically enhanced lives, we may have forgotten that “old school” phishing scams conducted over the phone still exist.
“Be careful out there.” That’s the word from the Internal Revenue Service (IRS) as the tax agency reminds taxpayers about continuing aggressive phone scams. Those phone scams are “a major threat to taxpayers” and as such, continued to hold down a top spot on the IRS list of tax scams for the 2018 filing season. Here’s how the scams typically work:
In the most common version of the scam, callers posing as IRS representatives contact taxpayers by phone, claiming that they owe money to the IRS. Taxpayers are told that they must pay the balance promptly using a pre-loaded debit card or wire transfer or be subject to punishment, including arrest, deportation, or suspension of a business or driver’s license. The callers may use common names and fake badge numbers. The number on the caller ID may also look like the IRS, since the scammers may spoof the IRS toll-free number.
In another version of the scam, callers posing as IRS representatives advise potential victims that two certified letters were sent to the taxpayer in the mail but were returned as undeliverable. The callers then threaten to arrest the potential victim if a payment is not immediately made through a prepaid debit card. The scammer also tells the victim that the purchase of the card is linked to the Electronic Federal Tax Payment System (EFTPS) system. To ensure that the potential victim doesn’t back out, the caller warns the taxpayer not to contact their tax preparer, an attorney, or their local IRS office until after the tax payment is made.
In the most recent version of the scam, thieves use phishing and other schemes to steal client data from tax professionals. Then, using that data, they file fraudulent tax returns and use the taxpayers’ real bank accounts to deposit erroneous tax refunds. Finally, the thieves, posing as the IRS, debt collection agency officials, or law enforcement, call attention to the error and ask taxpayers to return the money to them.
As a reminder, the IRS will never:
- Call to demand immediate payment over the phone, nor will the agency call about taxes owed without first having mailed you a bill.
- Threaten to immediately bring in local police or other law-enforcement groups to have you arrested for not paying.
- Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
- Require you to use a specific payment method for your taxes, such as a prepaid debit card, gift card, or wire transfer.
- Ask for credit or debit card numbers over the phone.
Don’t engage or respond with scammers. Here’s what to do if you receive a suspicious phone call or message:
- If you receive a call from someone claiming to be from the IRS, and you do not owe tax, or if you are immediately aware that it’s a scam, don’t engage with the scammer and do not give out any information. Just hang up.
- If you receive a telephone message from someone claiming to be from the IRS, and you do not owe tax, or if you are immediately aware that it’s a scam, don’t call them back.
- If you receive a phone call from someone claiming to be with the IRS, and you owe tax or think you may owe tax, do not give out any information. Call the IRS back to find out more information.
Don’t fall for the tricks. Keep your personal information safe by remaining alert, and, when in doubt, assume it’s a scam.
In addition to phone scams, here are some steps to follow to keep your identity secure while accessing email:
1. Avoid clicking on any Web links from within a suspicious email. These embedded links may direct your Internet browser session to illegitimate Websites asking for personal information and could also download malicious code, such as viruses or spy ware, onto your machine.
2. The content of many phishing emails can be very threatening (e.g., account closure, account verification, account updates, account is limited) and can be convincing to entice the user to follow through with the provided instructions. By far, most institutions will use non-Internet methods, such as the U.S. Postal Service, to send these types of notices and then will only send them to your official address of record. If in doubt about the legitimacy of these threatening emails, call the institution using the phone number on your last statement or on the back of your credit card if credit card related.
3. Similarly, financial institutions generally require some form of an initial setup to be completed prior to allowing electronic banking services. An online relationship is usually not established automatically or only through an exchange of emails. Become familiar with your financial institution’s online registration process and how the electronic relationship may change from time to time. If in doubt, call the institution using the phone number on your last statement or on the back of your credit card.
4. Update your computer’s operating and Internet browser software on a regular basis. These updates routinely include security enhancements.
5. Maintain anti-virus programs to the current level of protection.
6. Select and maintain passwords that are difficult to guess and change them regularly.
7. If you believe an email to be valid, you should always try to verify the email before opening by contacting the sender if possible. If the sender can’t be verified, then the email should be deleted.
Internet scams and identity theft continue to be on the rise. Fake emails are composed in such a way that they look legitimate to the spam detection in place at all organizations allowing them to temporarily bypass the devices. Be cautious when going through your inbox and look for the signs described above to alert you to these fake emails.
If you have any question, please contact the HelpDesk at 718.982.HELP.