Scam of the day – February 17, 2017 – Company hit twice by W-2 scam

Income tax identity theft is a multi billion dollar problem that costs the government and, by extension,  we the taxpayers billions of dollars each year while tremendously inconveniencing the individual taxpayers whose identities are stolen as it generally takes the IRS months to fully investigate each instance of identity theft and send to the victimized taxpayer his or her legitimately owed tax refund.  Armed with a potential victim’s name and Social Security number, it is a simple matter for an income tax identity thief to file a phony return with a counterfeit W-2 to obtain a fraudulent income tax refund.

I have been warning you for a year about identity thieves tricking companies into providing employee W-2s to them.  These stolen W-2s contain all of the information the identity thieves need to file a fraudulent income tax return.  The scam works by sending phishing emails to HR and accounting departments within companies often posing as the CEO of the company or someone else in upper management requesting copies of all employee W-2s under various guises.  Other times, payroll management companies have been targeted using the same type of phishing emails.  In some instances, the phishing emails have been recognized as scams, but in other instances, companies have unwittingly handed over thousands of W-2s to clever identity thieves.

This scam continues to plague companies both big and small and recently, Monarch Beverage, Indiana’s biggest beer and wine distributor acknowledged that not only had it recently become a victim of this scam turning over W-2s of more than 600 employees to identity thieves, but that in the course of its investigation into the matter, it had been victimized last year by the same scam.

TIPS

All companies have got to do a better job of training employees to recognize phishing emails and installing anti-phishing software programs.  In addition, dual factor authentication should be used before transmitting sensitive data to make sure that the person to whom the material is being sent is really who they represent they are.  These same lessons that apply to companies also apply to all of us as individuals, as well.  Phishing is done to steal the identities and information of unwary individuals every day and the best way to protect yourself is to start with remembering my motto, “trust me, you can’t trust anyone.”  Never provide personal information to anyone who asks for it by phone, text message or email unless you have absolutely confirmed that the request is legitimate and the person or company requesting the information has a legitimate need for the information.  Never click on links or download attachments from emails or text messages unless you have confirmed they are legitimate because those links and attachments could contain keystroke logging malware that can steal all of the information from your computer and use it to make you a victim of identity theft.  Finally, keep all of your electronic devices including your smartphone up to date with the latest security software patches.

Scam of the day – November 21, 2016 – New IRS scam targets tax professionals

While many of the rest of us are still receiving phone calls from scammers posing as the IRS in order to fool us into sending them money, CPAs and other tax professional are being targeted by sophisticated identity thieves through emails that appear to come from the IRS with the subject line indicating “Security Awareness for Tax Professionals”   The email has a counterfeit IRS logo in the message and tells the intended victim that the IRS is updating its authentication procedures and requires the person receiving the email to log in to update their username and password.  Of course, anyone providing this information would have turned this data over to a scammer who will then use it to access sensitive information in that person’s e-services account with the IRS.

TIPS

Tax professionals receiving this email should already be protecting their security through strong passwords, dual factor authentication, when possible, regularly updated security software as well as using encryption programs for email.  Data should also be stored in the cloud or a portable hard drive.  If someone receiving this email has concerns that it might be legitimate due to the fact that the IRS is constantly trying to update its security, he or she should still not click on any links in the email or provide any information in response to the email, but rather contact the IRS directly at an email address of telephone number he or she knows is legitimate.

Scam of the day – October 19, 2015 – Phony IRS phone calls continue to scam taxpayers

Although I have been warning you about this particular scam for years, another warning is warranted in the light of the IRS and the Treasury Inspector General for Tax Administration disclosing last week that since October of 2013 there have been reports of approximately 736,000 people being called by scammers posing as IRS agents demanding immediate payment of overdue taxes by credit card,  prepaid debit cards or wired funds.    Often the scammers threaten their victims with criminal charges, deportation or loss of a driver’s license.  According to J. Russell George, the Treasury Inspector General for Tax Administration, the IRS is aware of about 4,550 victims who have paid more than 23 million dollars to these scammers.  Unfortunately, the real figure of victims and money lost is most likely far in excess of these figure.

TIPS

This scam is easy to spot.   The IRS will never initiate communications with a taxpayer by phone so if someone calls you purporting to be from the IRS in an initial effort to collect overdue taxes, you should hang up because it is a scam.   Even if your Caller ID appears to show that the call is from the IRS, this does not mean that the call actually is from the IRS.  Through a technique called “spoofing” a scammer can make the call appear to be legitimate, but it is not.  The IRS will never demand payment by credit card, debit card, cash card or wired funds through an initial telephone call.  If you think that you really may owe taxes, call the IRS at 800-829-1040 to speak to a real IRS employee.  If you receive a scam call, you may wish to report the call to the Treasury Inspector General for Tax Administration at 800-366-4484.

Scam of the day – January 23, 2015 – Green Dot MoneyPak card scam update

The MoneyPak reloadable debit card made by Green Dot, a California company is very popular with consumers to easily send money quickly anywhere you want.  Its convenience and inability to be accurately traced also makes it a favorite of scammers who often will trick their victims into sending money using the MoneyPak cards merely by providing the activation code and the security number of the cards that the consumer purchases.  However, as I reported to you in early September 2014, Green Dot has announced that it will be phasing out the MoneyPak card by March of 2015 and replacing the cards with a new reloadable debit card that will move the reloading of cards to the cash registers of retailers to be done through a card processing machine that Green Dot says will reduce fraud.   With this looming deadline, many scammers are increasing their efforts to scam people out of their money through the use of the MoneyPak cards before they go out of existence.

TIPS

Whenever you are asked by someone to quickly provide payment to them through a MoneyPak card, you should immediately become skeptical and give more thought to whether or not the transaction is legitimate.  In one scam that is currently exploiting the use of these cards, scammers under the guise of being IRS agents are calling people and threatening them with tremendous financial penalties and even jail time unless they pay the phony IRS agents by providing the numbers for MoneyPak cards.  As I have told you before, the IRS will never contact you in this fashion, so you can be sure that if you receive such a call, it is a scam.  Whether or not the phasing out of the old MoneyPak debit cards will reduce the fraudulent use of reloadable debit cards remains to be seen, but everyone should be wary whenever they are told to pay for something by means of wiring funds or debit cards which are impossible to get back.

Scam of the day – September 1, 2014 – Phone scams

Although so much of our attention is focused on scams perpetrated on the Internet and through means of high technology, a recent survey confirmed that low technology, namely the telephone still is fertile ground for many scams.  According to the Truecaller/Harris survey more than 17 million Americans became victims of telephone scams during the past year at a cost of 8.6 billion dollars.  One specifically telephone connected scam is “cramming” where fraudulent charges are added to your phone bill and often go unnoticed by people who pay little attention to the detailed information provided in lengthy, monthly phone bills particularly for wireless service. There are many ways that these unauthorized charges make their way to a victim’s phone, sometimes, consumers actually unknowingly sign up for premium texting services that may be for things such as flirting tips, horoscopes or celebrity gossip.  Whatever the source of the charges, they are fraudulent and typically cost about $9.99 per month and continue to appear for months without end.  You can find more detailed information about cramming by putting the word “cramming” into the archives section of Scamicide.  Other telephone related fraud occurs when people provide personal information over the phone when called by scamming telemarketers or to scammers who entice or scare the person receiving the call to either provide personal information or make a payment, such as in the present scam in which you receive a call purportedly from the IRS demanding payment for outstanding taxes.

TIPS

In regard to protecting yourself from cramming, you should never click on links or sign up for anything unless you have carefully read the fine print to see what else you may be signing up for.  In fact, you should never click on links in an email or text message unless you have independently verified that it is legitimate.  As for calls from telemarketers, not all telemarketers are criminals, but unfortunately, you have no way of knowing when you receive a call whether or not the person on the other end of the conversation is indeed legitimate or not so you should never provide personal information or payment in response to a telephone call until you have independently verified the call.  You may even wish to put yourself on the federal Do Not Call list to avoid telemarketers.  If you do get a call from a telemarketer after you have put yourself on the list, you know that the person is not legitimate and you should ignore the call.  Here is a link to the Do Not Call list if you wish to enroll.  https://www.donotcall.gov/  You can still receive calls from charities even if you are on the Do Not Call List, but again, you cannot be sure that the person calling is really from the charity so never give money over the phone to a telemarketer who calls you on behalf of a charity.  It is also worth noting that when you do make a charitable donation to a legitimate charity telemarketer, the telemarketer takes a percentage of your contribution as a commission.  If you want your donation to do the most good, you should contact the charity directly to make your donation.

Scam of the day – August 18, 2014 – IRS issues new warning about phony collection calls

Although I have been warning you about this particular scam for a long time, most recently in my Scam of the Day for March 1, 2014, another warning is warranted in the light of the IRS and the Treasury Inspector General for Tax Administration disclosing that so far in 2014 there have been more than 90,000 complaints to the IRS about scam telephone calls in which a scam artist calls an unwary victim and pretends that the scammer is calling from the IRS.  The person receiving the telephone call is told that he or she must pay an overdue tax amount immediately by way of credit card, debit card, cash card or wired funds or there will be harsh penalties including jail time.   Already this year, this scam has cost American taxpayers millions of dollars.

TIPS

This scam is easy to spot.   The IRS will never initiate communications with a taxpayer by phone so if someone calls you purporting to be from the IRS in an initial effort to collect overdue taxes, you should hang up because it is a scam.   Even if your Caller ID appears to show that the call is from the IRS, this does not mean that the call actually is from the IRS.  Through a technique called “spoofing” a scammer can make the call appear to be legitimate, but it is not.  The IRS will never demand payment by credit card, debit card, cash card or wired funds through an initial telephone call.  If you think that you really may owe taxes, call the IRS at 800-829-1040 to speak to a real IRS employee.  If you receive a scam call, you may wish to report the call to the Treasury Inspector General for Tax Administration at 800-366-4484.

Scam of the day – April 14, 2014 – The last income tax scam of the season

Tomorrow is April 15th which is the last day for filing your federal income tax return unless you are a procrastinator who has filed an extension.  Identity thieves and scammers love income tax season as it provides them with an opportunity for a wide variety of scams to steal your money.  I have described these scams in numerous Scams of the day.  As the income tax season comes to an end, scammers and identity thieves are busy with one last scam about which I want to warn you.  It starts with you receiving an email that appears to come from the IRS Taxpayer Advocate Service in which you are told that there is a problem with your recently filed federal income tax return and that IRS computers have found errors in your return.  In order to resolve the problem, you are told to click on a link in the email that purports to take you to the IRS Taxpayer Advocate Service website where you are told you will find information about the problem and the name of the taxpayer advocate assigned to your case.  If you click on the link, you will not go to the IRS Taxpayer Advocate Service, which is a real organization.  Instead you will be sent to a legitimate looking, but phony website that will solicit you to provide information that will enable the identity thief behind this scam to make you a victim of identity theft.

TIPS

The easy way to avoid this scam is to remember that the IRS will never initiate contact with taxpayers by email.  If you get an email, text message or phone call purporting to be from the IRS initiating contact about anything, you can be sure that it is a scam.  As a general rule, however, it is important to recognize that whenever you get an email, phone call or text message, you can never be sure of who is contacting you and whether or not they are legitimate.   Therefore never provide information to anyone who contacts you in this manner and do not click on links or attachments in unsolicited text messages or emails which may either be seeking personal information from you to be used to make you a victim of identity theft or will automatically when you click on the link download keystroke logging malware on to your computer that will steal the information from your computer and again use it to make you a victim of identity theft.

Scam of the day – March 1, 2014 – IRS telephone scam

A call from the IRS demanding that you pay overdue taxes is certainly a nightmare, but that is what many people are experiencing throughout the country.   Generally, the way the scam works is that you get a telephone call from someone purporting to be from the IRS telling you that you owe taxes, interest and penalties.  Your caller ID may even indicate that the call actually is from the IRS, but this too is a scam called “spoofing,” where a scammer can make it appear as if a call is coming from a legitimate source when in reality, it is not.  The caller then threatens you with arrest unless you either provide your credit card over the phone to pay the amount claimed or pay through a prepaid card, such as GreenDot cards which are the equivalent of cash.  The scam artists calling can be quite persuasive and many people are becoming victims of this scam.

TIPS

This scam is actually quite simple to avoid.  If you get a telephone call from the IRS demanding money, it is a scam, so hang up.  The IRS doesn’t call taxpayers demanding payments.  It is important to remember that you should never give your credit card number or a GreenDot card number to anyone over the phone who you have not called because you can never be sure of to whom you are speaking.  So when the IRS purports to call, just hang up.

Scam of the day – July 2, 2013 – Fourth of July scams

Every season is scam season and every day provides unique opportunity for scam artists, the only criminals that we call artists, to try to scam us out of our hard earned money.  Here are a few scams that you should be aware of that will be coming on the Fourth of July.  Many scammers send out emails or text messages purportedly from your bank, the IRS or any of a number of state and federal agencies in which they require you to provide personal information under the guise of some emergency, such as an alleged security breach at your bank.  They do this because if they can frighten you enough to act, you are unable to confirm with the real entity as to whether the communication is legitimate because all of these entities will be closed on the Fourth of July.  If you provide the requested information, it will be used against you to make you a victim of identity theft.  You also should be wary of Fourth of July e cards that you may receive.  These can be loaded with keystroke logging malware that will steal all of the information from your computer or portable device if you download the malware by clicking on the link.  You should also be wary of messages that appear on your Facebook page with links to Fourth of July themed videos that arouse your curiosity.  Again, the links contained within these messages may be loaded with keystroke logging malware.

TIPS

The IRS and many other state and federal agencies will not initiate communications with you through email so you can disregard that email from the IRS or other similar entities.  It is important to be skeptical of any email or text message that you receive that requests personal information.  Never provide such information or click on links in such emails unless you are absolutely sure that the request is legitimate and you can’t be sure unless you have confirmed with the person or entity that purportedly sent it that it is indeed legitimate.  If you can’t confirm on the Fourth of July, let it wait until you can.  As for e cards, never click on a link to an e card unless the message specifically indicates from whom it is being sent and only then after you have confirmed with that person that they indeed did send you an e card.

Scam of the day – November 18, 2012 – New IRS scam

The latest IRS scam to be wary of involves an email that you receive purportedly from the IRS informing you “After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax return of $253.04.  To receive your return, you need to register for an e-Services account:  Click here to register.  If you already have an e-Services account click her to login.”  If you are knowledgeable, you will know that a tax refund is not referred to as a “return.”   However, if you fall for the bait, you will not get any money from the IRS, but clicking on either link will result in your unwittingly downloading dangerous keystroke logging malware onto your computer which enables the identity thief to steal all of the information from your computer such as your credit card numbers, Social Security number, passwords and financial account information which will ultimately result in your becoming a victim of identity theft.

TIPS

If you receive an email from the IRS, you can immediately ignore and delete it because the IRS does not communicate with taxpayers through email.  They only use regular mail to communicate with taxpayers.  It is also important to remember that you never should click on links in emails, tweets, or text messages because even if the source appears legitimate, you cannot be sure that they indeed are legitimate.  It is also possible that the legitimate source of the email, tweet or text message may have had their account hacked into so that you would trust the communication and click on the link.  If you have any concerns about the legitimacy of a forwarded link, contact the person or entity sending it to you by phone to confirm its accuracy.  Finally, as a last line of protection, you should make sure that you not only have a good firewall and computer security software, but that it is constantly updated in order to protect you from the latest viruses and other malware.