Scam of the day – August 30, 2017 – Mail carrier pleads guilty to identity theft charges

An Arkansas mail carrier has pleaded guilty to identity theft related charges in federal court and is facing a sentence of up to ten years in federal prison.  Michael Hearns conspired with six other identity thieves who filed phony income tax returns using the names and Social Security numbers of people whose Social Security numbers they stole.  Using counterfeit W-2s, the identity thieves claimed large refunds, which were to be paid through debit cards and checks.  This is where Hearns came in. The phony tax returns used addresses on Hearns’ postal route so when the fraudulent refunds were mailed by the IRS, they were retrieved by Hearns.


Income tax identity continues to be a major problem for the IRS although the situation has improved somewhat this year.  The key to protecting yourself from becoming a victim of income tax identity theft is to not only protect the privacy and security of your Social Security number as best you can, but also to file your income tax return as early as possible to prevent an identity thief from filing one and getting a refund before you do.

Scam of the day – August 26, 2017 – Business email scammer charged

The Business Email Compromise scam continues to be an effective scam perpetrated against many companies, however recently one alleged criminal operating this scam has been arrested.  Daniel Adekunie Ojo, was charged with fraud and identity theft in regard to using this scam against school systems in Connecticut and Minnesota.

Generally this scam involves an email to the people who control payments at a targeted company. These people receive an email purportedly from the CEO, company attorney or even a vendor with which the company does business requesting funds be wired to a phony company or person.   At its essence, this scam is remarkably simple and relies more on simple psychology instead of sophisticated computer malware.  Often the scammers will do significant research to not only learn the name of the key employees involved with payments within a company, but also will infiltrate the email accounts of company employees for a substantial period of time to learn the protocols and language used by the company in making payments.  The scammers also gather information from the company’s website and from social media accounts of its employees, all in an effort to adapt their message to seem more legitimate.

In a variation of this scam, Ojo, posing as a school official asked for W-2s of all employees and received thousands of these documents which he used for purposes of income tax identify theft by filing phony income tax returns in the names of his victims and collected phony refunds based upon counterfeit W-2s that he submitted with the phony tax returns.


In order to avoid this scam, companies should be particularly wary of requests for wire transfers made by email. Wire transfers are the preferred method of payment of scammers because of the impossibility of getting the money back once it has been sent.  Verification protocols for wire transfers and other bill payments should be instituted including, dual factor authentication when appropriate.  Companies should also consider the amount of information that is available about them and their employees that can be used by scammers to perpetrate this crime.  They also should have strict rules regarding company information included on employee social media accounts that can be exploited for “spear phishing” emails which play a large part in this scam. Finally, employees should be specifically educated about this scam in order to be on the lookout for it.

Companies should also be protective of personal information such as W-2s and should not provide it electronically unless they have confirmed that the request for the documentation is legitimate.

Scam of the day – August 25, 2017 – New scam targeting tax professionals

There is a reason scam artists are the only criminals we refer to as artists. They can be incredibly good at what they do.  Unfortunately, what they do is try to con us and steal our money and identities.

This is a time of the year when many tax professionals are receiving updates of their tax preparation software from their software providers. Knowing this,  scammers are targeting CPAs and other tax professionals with phishing emails that appear to come from the tax professional’s software provider with the subject line indicating “Software Support Update.”  In these emails, the scammers tell their intended victims that they need to revalidate their login credentials.  The scammers provide a link to a phony website that looks like the software provider’s webpage, but is a fake.  If the tax professional falls for this scam and provides his or her login information, the scammers will use this information to access the victim’s account and get at their client’s confidential  information which can then be used for purposes of identity theft.


While the email address from which the email is sent may in some circumstances look legitimate, upon close observation you will see that it is not really from your software provider and in some instances, the email will be sent from a botnet of hacked computers such that the email address sending the email is that of an individual totally unrelated to the software company.  In addition, no tax preparation software providers insert links in emails for their clients to validate passwords.  In addition, you should never click on any link unless you have absolutely verified that it is legitimate.  The risk of all kinds of malware including ransomware is too great.  If you are a tax professional and you receive such an email and think that it might be legitimate, you should contact your software provider by email or phone to confirm that this was a scam.

Scam of the day – June 14, 2017 – IRS improves its handling of income tax identity theft

Income tax identity theft, by which identity thieves file phony income tax returns with counterfeit W-2s using the Social Security number and name of their victims is still a major problem for the IRS and taxpayers costing us all billions of dollars each year.  However, when someone has stolen your Social Security number and filed an income tax return using your name, the problem becomes particularly personal.

In 2015 I reported to you about a report of the Treasury Inspector General for Tax Administration (TIGTA) in which it disclosed that despite IRS assurances to the contrary, it took the IRS an average of 278 days to resolve individual income tax identity theft cases and return the rightfully owed tax refund to the victimized taxpayer.  In a heartening example of some good news, TIGTA has recently reported that the IRS has lowered the time to resolve the income tax identity theft cases of individual taxpayers to 166 days, which, although to my mind, is still too long, is a significant improvement.


Along with protecting the privacy of your Social Security number as much as possible, the best thing you can do to protect yourself from income tax identity theft is to file your income tax return as soon as possible in order to make sure your return is filed prior to that of an identity thief.  Income tax identity theft only works if the identity thief files a tax return before you do.

If you do find yourself a victim of income tax identity theft, you should file a police report immediately and then file a paper tax return with an attached Form 14039 Identity Theft Affidavit along with a copy of the police report to the IRS to hasten the process of recovering your tax refund.

March 28, 2017 – Steve Weisman’s latest column for USA Today

Here is a link to my latest column for USA Today in which I discuss the latest income tax scams.  Income tax scams are always evolving and you need to know how to recognize and avoid these scams.

Scam of the day – March 7, 2017 – Prisoner convicted of income tax identity theft while in prison

Daniel Aaron Stone has pleaded guilty to charges related to income tax identity theft and will be sentenced later this year.  However, it is unlikely that Stone’s address will change once he is sentenced because he is already serving time in federal prison and was doing so at the time he committed his new crimes.

This is just an example of how easy it is to accomplish income tax identity theft.  All it takes is the names and Social Security numbers of the intended victims.  Using this information, it is a simple matter to electronically file a fraudulent income tax return with phony W-2 information.  If the phony return is filed before the victim files his or her income tax return, there is a good chance that the IRS will send the requested refund to the income tax identity thief.


Try as it may, the IRS is having a difficult time stopping income tax identity theft.   Along with protecting your personal information, particularly your Social Security number as much as you can, the best thing you can do to avoid becoming a victim of income tax identity theft is to file your income tax return early.  Income tax identity theft can only work when the criminal is able to file an income tax return using your name and Social Security number before you file your own legitimate income tax return so consider filing as early as possible.

Scam of the day – January 19, 2017 – W-2 scam

We have just come out of the holiday season which is, perhaps, the biggest time of the year for scams and now we are entering the income tax season which probably runs a close second when it comes to scams.

Employers are now sending out W-2 forms to employees which are necessary for the employees to complete their income tax returns.  Many employers will send an email to employees about obtaining their W-2s online and scammers are taking advantage of this by sending emails that appear to come from the potential victim’s employee which contain a link to be used to view and then print the victim’s W-2.  However, when scammers send these phishing emails they are seeking the username and password of the victim which will be provided to the scammer when the victim clicks on the link and provides this information when prompted.  This can lead to identity theft.  In another variation of this scam, merely by clicking on the link, the victim downloads keystroke logging malware that will steal all the information in the victim’s computer and use it to make the person a victim of identity theft.  In yet another variation of the scam, clicking on the link will download dangerous ransomware.


Employers will generally not include a link in legitimate emails to access their W-2 forms online.  Instead they will instruct the employee to go directly to this information at the appropriate department within the employer using their username and password separately.    Even if your employer were to provide a link in such a legitimate email, you could never be sure that the email was from your employer so you should not click on the link.  It is better to independently go to the department of your employer that has this information.

Scam of the day – January 4, 2017 – Income tax scams

Income tax identity theft is a major problem that costs taxpayers billions of dollars and can delay your tax refund by many months while the IRS investigates the matter.  While the IRS has gotten somewhat better at discovering income tax identity theft before paying out a fraudulent return, they are still nowhere near as good as they can and should be in preventing this type of crime.

The crime itself is quite simple.  An identity thief uses your Social Security number obtained in any number of ways and files a phony income tax return using a counterfeit W-2 to claim a sizable refund.  If the IRS pays a refund, which they often do, in response to the phony income tax return, the person whose Social Security number was used in filing the phony income tax return will find that the IRS will flag their legitimate income tax return when it is later filed because of it being the second income tax return filed with the same Social Security number.  It takes the IRS 278 days on average to investigate incidents of income tax identity theft causing the victims to have to wait that long before they can receive their legitimate income tax refund.

The vast majority of people file their income tax returns electronically so it should come as no surprise that a scam that is now being perpetrated involves an email you receive that appears to come from the IRS asking you to update your e-filing information including  your Social Security number and bank account information.  Don’t do it.  It is a scam.  The IRS will not communicate with you by emails or text messages.


The simplest way to avoid income tax identity theft is to file your income tax return as early in the year as possible in order to beat the identity thief to the punch.  If your legitimate income tax return is filed before the identity thief tries to file an income tax return using your Social Security number, your refund will have already been sent by the IRS.

As for avoiding the phishing emails that appear to come from the IRS, the easiest way to avoid this scam is to follow the rule of never providing personal information in regard to an email until you have confirmed that the email is legitimate and there is a legitimate need for the information to be provided.  In this case, in particular, you don’t need to even bother to look into whether the email is legitimate or not because the IRS will never initiate contact with you by an email so you can ignore it.


Scam of the day – December 25, 2016 – Identity thief mastermind sentenced

Earlier this week, Kevin Brown was sentenced to eleven years in prison for masterminding an income tax identity theft operation that stole the identities of 130 people and filed phony income tax returns in their names in an attempt to steal more than 20 million dollars in bogus refunds.  In May of 2016 Marc A. Bell, a juvenile justice worker was sentenced to four years in prison for his role in the income tax identity theft ring which operated out of a Washington D.C. barbershop owned by Brown.  Bell used his position at the D.C. Department of Youth Rehabilitation Services to steal the Social Security numbers and other personal information of juvenile offenders which he provided to Brown,  who used the information to file phony income tax returns with counterfeit W-2s to claim the phony refunds.  In addition to the juvenile offenders personal information, Brown used stolen information of the elderly and drug addicts in his scam.


This case again emphasizes that regardless of how protective you are of your personal information, most importantly, your Social Security number, which is the key to identity theft, you are only as secure as the places that have your personal information.  This case also serves as a reminder to limit the places that do have your Social Security number.   Many companies, agencies and institutions, particularly medical facilities, routinely ask you to provide your Social Security number when they have no need for it.  A good practice to follow is to inquire as to providing another type of identifying number such as your driver’s license rather than giving your Social Security number when it is not needed.  Some people have dealt with companies that don’t have a legitimate need for your Social Security number, but still require you to provide it by giving a different number.  A popular number used for this purpose over the years has been former President Richard Nixon’s Social Security number which was readily available on the Social Security Administration’s Death Master File until recently.  That number is 567-68-0515.  Of course, I do not recommend that you use it.

It is also important to remember that the best way to defeat an income tax identity thief is to file your income tax return early, before an income tax identity thief can file one using your Social Security number.