Scam of the day – January 19, 2017 – W-2 scam

We have just come out of the holiday season which is, perhaps, the biggest time of the year for scams and now we are entering the income tax season which probably runs a close second when it comes to scams.

Employers are now sending out W-2 forms to employees which are necessary for the employees to complete their income tax returns.  Many employers will send an email to employees about obtaining their W-2s online and scammers are taking advantage of this by sending emails that appear to come from the potential victim’s employee which contain a link to be used to view and then print the victim’s W-2.  However, when scammers send these phishing emails they are seeking the username and password of the victim which will be provided to the scammer when the victim clicks on the link and provides this information when prompted.  This can lead to identity theft.  In another variation of this scam, merely by clicking on the link, the victim downloads keystroke logging malware that will steal all the information in the victim’s computer and use it to make the person a victim of identity theft.  In yet another variation of the scam, clicking on the link will download dangerous ransomware.


Employers will generally not include a link in legitimate emails to access their W-2 forms online.  Instead they will instruct the employee to go directly to this information at the appropriate department within the employer using their username and password separately.    Even if your employer were to provide a link in such a legitimate email, you could never be sure that the email was from your employer so you should not click on the link.  It is better to independently go to the department of your employer that has this information.

Scam of the day – January 4, 2017 – Income tax scams

Income tax identity theft is a major problem that costs taxpayers billions of dollars and can delay your tax refund by many months while the IRS investigates the matter.  While the IRS has gotten somewhat better at discovering income tax identity theft before paying out a fraudulent return, they are still nowhere near as good as they can and should be in preventing this type of crime.

The crime itself is quite simple.  An identity thief uses your Social Security number obtained in any number of ways and files a phony income tax return using a counterfeit W-2 to claim a sizable refund.  If the IRS pays a refund, which they often do, in response to the phony income tax return, the person whose Social Security number was used in filing the phony income tax return will find that the IRS will flag their legitimate income tax return when it is later filed because of it being the second income tax return filed with the same Social Security number.  It takes the IRS 278 days on average to investigate incidents of income tax identity theft causing the victims to have to wait that long before they can receive their legitimate income tax refund.

The vast majority of people file their income tax returns electronically so it should come as no surprise that a scam that is now being perpetrated involves an email you receive that appears to come from the IRS asking you to update your e-filing information including  your Social Security number and bank account information.  Don’t do it.  It is a scam.  The IRS will not communicate with you by emails or text messages.


The simplest way to avoid income tax identity theft is to file your income tax return as early in the year as possible in order to beat the identity thief to the punch.  If your legitimate income tax return is filed before the identity thief tries to file an income tax return using your Social Security number, your refund will have already been sent by the IRS.

As for avoiding the phishing emails that appear to come from the IRS, the easiest way to avoid this scam is to follow the rule of never providing personal information in regard to an email until you have confirmed that the email is legitimate and there is a legitimate need for the information to be provided.  In this case, in particular, you don’t need to even bother to look into whether the email is legitimate or not because the IRS will never initiate contact with you by an email so you can ignore it.


Scam of the day – December 25, 2016 – Identity thief mastermind sentenced

Earlier this week, Kevin Brown was sentenced to eleven years in prison for masterminding an income tax identity theft operation that stole the identities of 130 people and filed phony income tax returns in their names in an attempt to steal more than 20 million dollars in bogus refunds.  In May of 2016 Marc A. Bell, a juvenile justice worker was sentenced to four years in prison for his role in the income tax identity theft ring which operated out of a Washington D.C. barbershop owned by Brown.  Bell used his position at the D.C. Department of Youth Rehabilitation Services to steal the Social Security numbers and other personal information of juvenile offenders which he provided to Brown,  who used the information to file phony income tax returns with counterfeit W-2s to claim the phony refunds.  In addition to the juvenile offenders personal information, Brown used stolen information of the elderly and drug addicts in his scam.


This case again emphasizes that regardless of how protective you are of your personal information, most importantly, your Social Security number, which is the key to identity theft, you are only as secure as the places that have your personal information.  This case also serves as a reminder to limit the places that do have your Social Security number.   Many companies, agencies and institutions, particularly medical facilities, routinely ask you to provide your Social Security number when they have no need for it.  A good practice to follow is to inquire as to providing another type of identifying number such as your driver’s license rather than giving your Social Security number when it is not needed.  Some people have dealt with companies that don’t have a legitimate need for your Social Security number, but still require you to provide it by giving a different number.  A popular number used for this purpose over the years has been former President Richard Nixon’s Social Security number which was readily available on the Social Security Administration’s Death Master File until recently.  That number is 567-68-0515.  Of course, I do not recommend that you use it.

It is also important to remember that the best way to defeat an income tax identity thief is to file your income tax return early, before an income tax identity thief can file one using your Social Security number.

Scam of the day – October 29, 2016 – IRS impersonation scam busted

Following an exhaustive three year joint investigation by numerous federal agencies  led by the Justice Department, indictments were announced Thursday of 56 people and 5 illegal call centers accused of posing as IRS agents, calling unsuspecting victims in the United States and threatening them if they did not pay phony tax bills. Although the people indicted, including 20 who have already been arrested, were in both the United States and India, the call centers were all located in Ahmedabad India.  The alleged scammers obtained the names of their potential victims from various legitimate data brokers.  These indictments were not related to the police raid earlier this month in India which resulted in the arrest of 70 people charged similarly.

According to the Justice Department,the scammers used a network of co-conspirators in the United States to launder the funds obtained from the victims, most commonly through prepaid debit cards or wire transfers.  The prepaid debit cards were laundered using information stolen from thousands of identity theft victims.  The biggest amount paid by a victim of this scam was paid by a Californian who paid $136,000 to the scammers.


This scam is easy to avoid.  Don’t trust your Caller ID because by using a technique called spoofing, a scammer can make his or her call appear to be from the IRS on your Caller ID.  Trust me, you can’t trust anyone.  The easiest way to recognize if a call from the IRS demanding money is a scam is to be aware of the fact that the IRS will never initiate contact with a taxpayer to collect overdue taxes by a phone call, email or text message.  Any such communication is from a scammer so you should just ignore it.   Additionally, unlike the IRS, the scammers often demand that payments be made immediately by prepaid debit cards, wired funds or even iTunes gift cards, which is something that the IRS will never do.

Scam of the day – October 21, 2016 – Report issued critical of IRS efforts to fight identity theft

Yesterday, the Treasury Inspector General for Tax Administration (TIGTA) issued a report regarding its investigation into the IRS’ electronic authentication controls.  The investigation was prompted by identity thieves using the IRS’ Get Transcript program to obtain the former income tax returns filed by an estimated 724,000 taxpayers and use the information contained in those income tax returns to file phony income tax returns using the names of the victimized taxpayers and obtain fraudulent refunds.   The IRS did not become aware of the vulnerability of the Get Transcript program until May of 2015 and shut down the program until it was reintroduced with what the IRS said was increased security in June of 2016.   The idea behind the IRS’ Get Transcript program was a good one, namely permitting taxpayers to get access to copies of their tax returns from previous years conveniently and electronically.  An essential element of such a program is a strong authentication process to keep identity thieves from accessing this sensitive material and unfortunately, the authentication protocol used by the IRS was quite inadequate and did not meet industry standards resulting in the data breaches affected 724,000 taxpayers.  In one instance the TIGTA report indicated that the IRS missed an attempt by a hacker to attempt to gain access to a victim’s tax return 902 times in a single 24 hour period.

The TIGTA report made seven specific recommendations for increased IRS security in regard to the electronic authentication process to gain access to taxpayers’ records and the IRS has agreed with all seven, however, a number of the recommendations have still not been implemented by the IRS and the system is still not as secure as it should be.


The best way to avoid income tax identity theft is to file your income tax return as soon as possible because even an identity thief in possession of your Social Security number and other personal information that would enable him or her to file a phony income tax return in your name would not be able to get a payment from the IRS if you had already filed your return.

Scam of the day – September 20, 2016 – Income tax identity thief sentenced

Jesse Scott Wilson  of Alaska was recently sentenced to 92 months in prison for his role in an income tax identity theft ring that electronically filed at least 428 phony income tax returns using stolen Social Security numbers resulting in refunds of $681,258 being paid to Wilson and his three cohorts.  Wilson will not have to go far in order to start his prison sentence because both he and his fellow conspirators were already incarcerated in an Alaska prison throughout the time that they managed to pull of their crime.  This just serves as an example of how incredibly easy it has become for someone to commit income tax identity theft which costs the American taxpayers billions of dollars each year.

In 2015 the IRS instituted a new cooperative effort between the IRS, state tax administrators and private tax preparation leaders.  Included among the steps being taken are review by the IRS of the IP address of computers filing income tax returns to identify computers filing multiple returns and reviewing the time it takes to complete an electronic income tax return which can also help identify fraudulent returns since completing a fraudulent return generally takes less time than a legitimate return.  In addition, income tax preparation software companies will be using enhanced validation protocols including increased use of security questions.

However, all of these steps which are expected to cost taxpayers an additional 281 million dollars to implement totally miss the point.  The easiest and simplest way to dramatically reduce income tax identity theft still is not being done by Congress, namely changing the laws regarding employers filing of W-2s.  Under present law, for the upcoming tax filing season, employers must file W-2s with the federal government by February 29th if they file paper W-2s and as late as March 31st if they file, as so many do, electronically.  Unfortunately Congress in its infinite wisdom requires these W-2s to be filed with the Social Security Administration (SSA) by those dates.  The SSA does not send the W-2s to the IRS until July so the IRS does not get around to matching the W-2s filed by employers with those filed by individual taxpayers with their income tax returns until months after the IRS has already sent a refund based on the W-2 filed by the taxpayer or identity thief.  In order to dramatically reduce income tax identity theft, all Congress has to do is merely require employers to file W-2s with the IRS instead of waiting for the SSA to send them to the IRS.  It also would make much more sense than Congress appears to have to require the IRS to match those employer filed W-2s with those filed by individual taxpayers BEFORE sending out a refund in order to easily identify counterfeit W-2s.  For years Congress has been advised to make these simple changes, but it still fails to do so.


Try as it may, the IRS is having a difficult time stopping income tax identity theft by which an identity thief steals your personal information and files a phony income tax return using your name and gets a refund.  Along with protecting your personal information, particularly your Social Security number as much as you can, the best thing you can do to avoid becoming a victim of income tax identity theft is to file your income tax return early.  Income tax identity theft can only work when the criminal is able to file an income tax return using your name and Social Security number before you file your own legitimate income tax return so consider filing as early as possible.

Scam of the day – July 4, 2016 – Steve Weisman’s latest column from USA Today

Sometimes the job of protecting ourselves from identity theft can seem to be overwhelming, which is why I wrote this column for USA Today that provides you with some simple and easy to take steps to reduce your chances of becoming a victim of identity theft.  Here is a link to that column.

Scam of the day – April 15, 2016 – Tax scams multiply as filing deadline approaches

Today, April 15th is the usual deadline for filing your federal income tax return, however, as many people know, if the 15th falls on a weekend, the filing deadline is pushed back to the next Monday.  If April 15th is a holiday, the filing date is also pushed back.  This year, April 16th is Emancipation Day, which is a legal holiday in Washington D.C. and because it falls on a Saturday, federal employees have the preceding Friday, April 15th, off from work which pushes the filing deadline to the next business day, which is Monday, April 18th.  If that isn’t complicated enough, if you live in Massachusetts or Maine, you have until April 19th to file your tax returns because April 18th is Patriot’s Day, a state holiday in those two states.

In any event, scammers and identity thieves don’t take off holidays and the IRS is warning people again about an increase in income tax scams that are occurring in the final days before the income tax filing deadline.  There are a number of various scams tied to income tax filings, but they generally fall into four categories.  The first is when you get a telephone call purporting to be from the IRS informing you that if you don’t send them money right away, you will be arrested or suffer some other serious penalty.  The second is when you receive an email or text message apparently from the IRS requiring you to verify information in order to receive your refund.  You supply this information by clicking on a link.  The third is when you receive a telephone call apparently from the IRS asking you to confirm personal information over the phone in order to receive your refund.  The fourth is when you receive a call, text message or email from your online tax preparation company requiring you to confirm personal information.

All of these are scams that will either directly steal your money or provide the identity thieves with personal information they can use to make you a victim of identity theft.


The IRS will not call you and threaten you in order to collect outstanding taxes and they will not require you to wire money to them.  Even if your Caller ID indicates it is the IRS calling, scammers using a technique called “spoofing” can make it appear on your Caller ID that it is the IRS calling when it is not.  If you get a call from someone purporting to be from the IRS initiating contact about collecting overdue taxes, it is a scam.  It is that simple.  Just hang up.

The IRS will not be contacting you by phone, email or text messages to confirm information regarding your tax return, so never provide personal information in response to being contacted in these ways by someone pretending to be with the IRS.  In addition, merely by clicking on a link contained in such electronic messages could download malware that could steal your personal information from your computer and use it to make you a victim of identity theft.

Phony emails or text messages from your online tax preparation company requesting personal information is a very prevalent scam this year.  Whenever you get an email or text message from anyone asking for personal information, do not provide it unless you have independently confirmed that it was legitimate.  Trust me, you can’t trust anyone.

Here is a link to the IRS’ recent warning.

Scam of the day – March 5, 2016 – New problems for victims of income tax identity theft

Becoming a victim of income tax identity theft is very distressing.  Identity thieves file federal or state income tax returns in your name and using your Social Security number along with a counterfeit W-2 in order to claim a fraudulent refund.  According to the IRS, it paid out 5.8 billion dollars in 2013 to income tax identity thieves.  Often, it is not until the victim of income tax identity theft later files his or her own legitimate income tax return after the identity thief has filed one using the victim’s information that the IRS becomes aware that a crime has occurred.  It then takes, on average, 278 days before the IRS is able to investigate individual instances of income tax identity theft and return to the victimized taxpayer, his or her legitimate refund.

In an effort to reduce the chance that victims of income tax identity theft will not be victimized again, the IRS will issue, upon demand, an Identity Protection PIN, which is a six digit PIN to be used by the previously victimized taxpayer when filing his or her federal income tax return to insure that the income tax return filed is not from an identity thief.  Unfortunately, as recently reported by KrebsOnSecurity, the Identity Protection PIN program has been hacked by identity thieves due to the failure of the IRS to use a strong authentication protocol when someone tries to retrieve their PIN from the IRS.  Presently all that the person attempting to get the PIN has to do is answer four personal information questions, the answers to which can be easily obtained through various online sources including the victim’s Facebook page and other social media.  It was this same authentication vulnerability that led to the theft of personal information of 724,000 people through the IRS’ Get Transcript program.  This failure of the IRS to better protect people who have already been victims of identity theft is disappointing.


If you are one of the 2.7 million people who have an Identity Protection PIN, you should be aware that due to the vulnerabilities of the IRS’ authentication protocol, you are not as protected from becoming a repeat victim of income tax identity theft as you might have thought.  Therefore it is important to file your income tax return as early as possible in order to beat a potential income tax identity thief to the punch.  In fact, filing early is the best defense against income tax identity theft for everyone regardless of whether you have previously been a victim of income tax identity theft.

Scam of the day – March 3, 2016 – Identity thieves stealing W-2s

Income tax identity theft is a multi billion dollar problem that costs the government and, by extension,  we the taxpayers billions of dollars each year while tremendously inconveniencing the individual taxpayers whose identities are stolen as it generally takes the IRS months to fully investigate each instance of identity theft and send to the victimized taxpayer his or her legitimately owed tax refund.  Armed with a potential victim’s name and Social Security number, it is a simple matter for an income tax identity thief to file a phony return with a counterfeit W-2 to obtain a fraudulent income tax refund.

Now, it appears sophisticated income tax identity thieves are stealing large numbers of legitimate W-2s containing all of the information the identity thieves need to file a fraudulent income tax return by sending phishing emails to HR and accounting departments within companies often posing as the CEO of the company or someone else in upper management requesting copies of all employee W-2s under various guises.  Other times, payroll management companies have been targeted using the same type of phishing emails.  In some instances, the phishing emails have been recognized as scams, but in other instances, companies have unwittingly handed over thousands of W-2s to clever identity thieves.


All companies have got to do a better job of training employees to recognize phishing emails and installing anti-phishing software programs.  In addition, dual factor authentication should be used before transmitting sensitive data to make sure that the person to whom the material is being sent is really who they represent they are.  These same lessons that apply to companies also apply to all of us as individuals, as well.  Phishing is done to steal the identities and information of unwary individuals every day and the best way to protect yourself is to start with remembering my motto, “trust me, you can’t trust anyone.”  Never provide personal information to anyone who asks for it by phone, text message or email unless you have absolutely confirmed that the request is legitimate and the person or company requesting the information has a legitimate need for the information.  Never click on links or download attachments from emails or text messages unless you have confirmed they are legitimate because those links and attachments could contain keystroke logging malware that can steal all of the information from your computer and use it to make you a victim of identity theft.  Finally, keep all of your electronic devices including your smartphone up to date with the latest security software patches.