On March 17, the U.S. Internal Revenue Service (IRS) and the Treasury Department announced the extension of the federal income tax filing due date from April 15, 2021 to May 17, 2021. This decision is designed “to help taxpayers navigate the unusual circumstances related to the pandemic,” IRS Commissioner Chuck Rettig explained in a news release. But it also carries the unwanted consequence of giving scammers more time to use the urgency of a looming tax deadline in an attempt to target taxpayers.
PJ Norris, senior systems engineer at Tripwire, explained to Information Security Media Group why this turns out to be the case every year.
This is because phishing campaigns are much more successful when the message creates a sense of urgency in the recipient, who is more likely to download an attachment or click on a link without thinking twice.
Acknowledging this tradition of fraud, it’s important that taxpayers familiarize themselves with some of the scams that are circulating this tax season. Below are three ruses that have drawn the attention of the IRS itself along with recommendations on how taxpayers can protect themselves.
Scam #1: “Ghost” Preparers
At the beginning of February, the IRS warned taxpayers to be on the lookout for “ghost” tax preparers that refuse to sign the returns on which they’ve lent their assistance. This often takes the form of a preparer printing the return, at which point they instruct the taxpayer to sign and mail it. It might also involve the preparer refusing to digitally sign an e-filed return. Such behavior violates their obligation as a paid preparer to sign any return that they’ve assisted with and to include their Preparer Tax Identification Number (PTIN). In not fulfilling those legal obligations, the “ghost” preparer might be trying to charge additional fees based upon the size of the refund or to direct refunds into their bank account and not their client’s.
In defense of this type of scam, taxpayers need to carefully choose a tax preparer based upon their credentials and qualifications. It’s essential for them to work with someone they trust. That way, they can freely ask questions about anything that’s unclear before they sign their return. Additionally, taxpayers need to verify their banking information on a completed tax return to ensure that any direct deposit refund ends up in their account.
Scam #2: EFIN Theft
It was just a few days later when the IRS warned tax professionals to be on the lookout for scam emails that attempt to steal their Electronic Filing Identification Numbers (EFINs). The emails inform a recipient that the IRS needs to verify “all authorized e-file originators” before the tax collection agency can begin processing e-filed returns. Towards this end, they demand that the recipients send over a PDF copy of their EFIN along with their driver’s license lest they lose access to their account. If successful, those responsible for crafting the emails could use that stolen information to impersonate their victims and to file fraudulent returns in their names.
This campaign highlights the need for tax professionals to defend themselves against phishing scams that use a sense of urgency to trick them into disclosing sensitive information. When they come across this type of attack, tax professionals should refrain from clicking on any links or opening any attachments. Instead, they should report the message to firstname.lastname@example.org.
Scam #3: IRS Impersonation
News of the third and final scam arrived at the end of March when the IRS issued an alert about an impersonation email scam targeting students and teachers who had “.edu” email addresses. The attack emails used stolen branding for the IRS along with subject lines such as “Tax Refund Payment” and “Recalculation of your tax refund payment” to trick them into thinking they could claim their refund by clicking on a link and submitting a web form. That form prompted visitors to provide almost a dozen pieces of personal information including their Social Security Number, driver’s license number and electronic filing PIN. With that data, the attackers could file fake tax returns for students and teachers at universities, private businesses and non-profit organizations.
Taxpayers can respond to this scam by refraining from clicking on the embedded link and by reporting the email to email@example.com. They can also take the additional step to minimize the threat of someone filing a fraudulent tax return in their names by obtaining an Identity Protection PIN. More information on this voluntary opt-in program is available here.
How to Defend Against These Tax-Related Scams
Beyond the recommendations discussed above, taxpayers should practice general security hygiene. This includes not divulging personal details via email or over the phone along with reporting any suspected scams to the Treasury Inspector General for Tax Administration.
They can learn more about how to spot a tax-related scam by checking out this FAQs page.