During the month of March, the IRS launches a campaign to reduce tax fraud. The traditional name of this campaign is the "Dirty Dozen" tax scams. The first scam the IRS warns of is phishing emails designed to steal your identity.
IRS Commissioner Chuck Rettig stated, "Taxpayers should be on constant guard for these phishing schemes, which can be tricky and cleverly disguised to look like it's the IRS. Watch out for emails and other scams posing as the IRS, promising a big refund or personally threatening people. Don't open attachments and click on links in emails. Don't fall victim to phishing or other common scams."
Criminals often attempt to use a click-through links to load malware on your computer. This malware may send your passwords and financial account information to the fraudster so he or she can file a tax return posing as you and claim your refund.
The 2019 filing season has produced new fraud variations. Some fraudsters target individual taxpayers and some target tax advisors.
- Bank Account Fraud – If the fraudster obtains your bank account information, he or she may file a tax return and have the refund deposited in your bank account and then try to reclaim the refund. The scammer will call claiming to be from the IRS and will threaten prosecution if you do not return the improper refund. You are directed to return the refund, but the account receiving the payment is controlled by the fraudster, not the IRS.
- Business Email Compromise – Criminals may send emails to CPAs, enrolled agents or other tax advisors using one of several fraud strategies. He or she may request payment of an invoice or pose as an employee asking to change his or her payroll direct deposit to a new bank. Some fraudsters claim to be company executives and direct the finance staff person to make a wire transfer. In all of these cases, the transfers are sent to a fraudster's account.
The Service offers specific security tips to protect your data. First, use security software that contains a firewall and anti-virus protection. Your security software should be automatically updated each day.
Second, be suspicious of unsolicited emails and do not click on any links if you are uncertain of the sender. A criminal may claim to be a friend and use his or her name, but if the email address is unusual do not click on any links.
Security is an ongoing concern for everyone who uses a computer. Taking a few simple steps to protect your data can save you from a substantial loss.