IRS warns: File tax return before cybercriminals do it for you

Photo by Tuan Azizi | iStock, Getty Images Plus, St. George News

ST. GEORGE — The IRS 2018 tax season officially opened Monday, and already fraudsters have phishing messages with fake refund notification websites in place with one goal in mind: to get their hands on the taxpayer’s personal information.

Tax refund fraud affects hundreds of thousands of U.S. citizens annually, according to the Department of Justice, costing the U.S. Treasury billions of dollars each year.

This tax season is slated for the Form W-2 scam, identified by the IRS as “one of the most dangerous phishing emails in the tax community.” In fact, payroll personnel have been tricked into disclosing sensitive information on the company’s entire workforce to scammers, IRS officials said in a statement released Jan. 17.

The losses from this scam stretch across multiple industries and company sizes, the public school and university systems and even government and charity organizations, the IRS said.

Last year, more than 200 employers were victimized, which translated into hundreds of thousands of employees who had their identities compromised, and the rise in the number of victims is staggering.

In 2016 there were just over 100 victims. That number jumped to 700 in 2017, with 2018 potentially seeing “a new surge in the phishing scheme,” IRS officials said in the release.

The IRS began alerting employers in January, hoping to limit the proliferation of the scam this tax season, and to that end the IRS has streamlined the process for employers to report these types of scams, as well as taken additional steps in an effort to protect employees.

“There are steps the IRS can take to protect employees, but only if the agency is notified immediately by employers about the theft,” the statement said.

Here’s how the W-2 scam works

Unlike most scams, which target as many potential victims as possible, the Form W-2 scam is much more narrowly focused. Once a target is identified – either a small business or large corporation – the fraudsters research the company to find the names of the payroll officers or the individual in charge of the employee files. Posing as one of the top executives of the organization, the scammers request copies of Form W-2 for all employees from the payroll officer.

Once the information is sent from the company, the thieves have everything they need to file a false tax return, including the employee’s name, address, Social Security number, income and withholding information. Once the return is filed, the refund is transferred directly into an account. These fake returns can yield refunds, or the information can be posted on the dark web and sold.

Employers need to exerciser greater caution in handling employee records and protect the personal information of their workforce by thoroughly checking all requests for information before releasing the information.

Tax return identity theft is not confined to an unsuspecting payroll clerk releasing employee information to scammers, as identity thieves have used data illegally retrieved from a variety of third-party and government sites to file phony tax refund requests.

Ripple effects of the Equifax breach. 

The massive Equifax breach discovered in September of last year put millions of people’s tax refunds in jeopardy by exposing the personal information – including Social Security numbers – of more than 143 million people, which adds up to a significant number of potential victims.

That data, labeled as the “crown jewels of personal information” by independent credit analyst John Ulzheimer, can’t be changed, and once it’s in circulation, it’s basically out there forever.

Read more: Equifax breach sows chaos among 143M Americans 

The IRS warns that it is possible that the Equifax breach could lead to an increase in fake federal tax filing attempts this year, but taxpayers can take steps to protect themselves from becoming a victim.

Protecting the taxpayer from identity theft

The IRS has implemented heightened security measures to crack down on identity thieves this year.

One such change is the inclusion of a verification code box on all official federal Form W-2’s for 2018. Approximately 66 million Americans will see a 16-character code on their W-2s that can be entered into this box to help confirm their identity.

Additionally, if the IRS suspects that an individual was the likely the victim of tax refund fraud during the previous tax year, they generally send a special filing PIN that needs to be entered before the IRS will accept the return electronically.

Victims typically discover the fraud after their federal returns are rejected because the return was already filed, with the refund deposited directly into a scammer’s bank account. The scam is not limited to individuals expecting a refund but can also happen to those not required to file a tax return or those not expecting a refund.

To prevent this, file as early as possible, as soon as the tax information is received, and respond right away to letters from the IRS.

When filing taxes online, use a secure connection instead of using free Wi-Fi provided in public, making sure strong passwords are set on all accounts associated with tax filings.

The IRS has issued several alerts about the fraudulent use of the IRS name or logo by scammers trying to gain access to consumers’ financial information to steal their identity and assets, with scam emails designed to trick taxpayers into thinking these are official communications from the IRS or other tax software companies.

These emails contain the directions that “you are to update your IRS e-file immediately,” but these emails are not from the IRS, and the agency warns to be suspicious of emails or websites asking for personal information or tax data, as the IRS will never initiate contact with taxpayers about a bill or refund.

Tax season also sees an increase in the phone-based tax scams, with fraudsters threatening taxpayers with arrest, deportation and other penalties if they don’t make an immediate payment over the phone.

To report tax-related illegal activities, refer to the IRS “How Do You Report Suspected Tax Fraud Activity?” chart. To report a suspicious phishing email which appears to have been sent from the IRS, forward it to phishing@irs.gov.

Employers that have experienced a data breach should notify the IRS using the email dataloss@irs.gov, and type “W2 Data Loss,” in the subject line.

Email: cblowers@stgnews.com

Twitter: @STGnews

Copyright St. George News, SaintGeorgeUtah.com LLC, 2018, all rights reserved.

Free News Delivery by Email

Would you like to have the day's news stories delivered right to your inbox every evening? Enter your email below to start!

1 Comment

  • George February 2, 2018 at 8:49 am

    So we live in a country where Equifax can allow a massive data breach, with no real penalties, and then crooks can take the data Equifax didn’t protect to steal our identity and file fake tax returns. If your best advice is to ‘file early’ that’s no advice. That’s pathetic. What happens when the crooks and the Russians systematically steal every bit of financial information to take every account and every dollar we own?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.