So among other cybersecurity worries, now we’re all wondering how the stolen Equifax data — which includes Social Security numbers — might drive up tax refund fraud.
But IRS Commissioner John Koskinen said he’s doubtful the Equifax breach will make a noticeable difference in tax-related ID scams.
That’s because a significant amount of that data was stolen through earlier breaches in recent years at major employers, cyber attacks on the health care sector and even hacking incidents involving the federal government’s computer systems, including records of the Office of Personnel Management.
Koskinen estimated personal information for more than 100 million tax filers was already stolen by hackers.
“You should assume your name, address and Social Security number are already in the hands of criminals and act accordingly,” Koskinen said.
Equifax has reported that hackers had access to information, including Social Security numbers, for more than 145 million consumers.
Acting accordingly, of course, means recognizing that cyber crooks aren’t giving up.
Instead, they’re upping their game. So it’s essential to pay attention to the latest tricks that go far beyond just impersonating the IRS and demanding money be placed on Amazon gift cards.
Annuities, life insurance
Now, cyber crooks are trying to grab money out of your annuity or life insurance account. Seriously.
The Internal Revenue Service — which has a boatload of warnings about tax-related scams — has rolled out a new alert suggesting that tax professionals and taxpayers are being targeted in an elaborate scheme that can enable crooks to take out loans or make withdrawals from annuities or life insurance accounts. Or they might use some of that information to file fake tax returns, too.
Crooks want data wherever they can find it, so they’re targeting tax professionals, payroll professionals, human resources personnel and others.
Sometimes, it can start with a phishing email that looks like it’s being sent from the tax professional to the client.
Or phishing emails can appear to be from a top executive at a company who is demanding that someone at the same company forward a list of W-2 information.
Or maybe a phishing email looks like it’s being sent by a taxpayer to a tax professional.
A simple mistake — such as a quick click on a link or a rushed response — can lead to problems.
One new scam: The cyber criminal targets tax professionals by impersonating a cloud-based storage provider.
Without thinking, the tax professional quickly provides their email credentials, including a username and password. But unfortunately, that information helps fraudsters unlock a list of email addresses for clients.
In the second step — and one that consumers must pay attention to here — the crooks then send phishing emails to individual taxpayers.
Taxpayers receive a phishing email that looks like it’s from their own tax professional and, as part of some new scams, the email has a fake IRS insurance form attached.
The text might read: “Dear Life Insurance Policy Owner, Kindly fill the form attached for your Life Insurance or Annuity contract details and fax back to us for processing in order to avoid multiple tax bills.”
Anyone who falls for this one can end up sending a fax, or email in some cases, directly to the fraudsters. And the criminal ring then attempts to take out a loan or withdraw money directly from the annuity or life insurance policy.
The IRS said crooks are more frequently showing a sophisticated knowledge of the tax code and practices in the tax preparation industry.
Business, partnership and estate and trust filers increasingly are targeted by national and international criminal syndicates.
Fraudsters need to dig a little deeper to make tax returns look more legitimate in order to bypass additional security filters that have been put in place in recent years by the IRS and others.
“We’ve made it harder for criminals to file false returns in volume,” Koskinen said.
So he said cyber criminals stockpile names and Social Security numbers that they’ve collected over the years.
“They try to leverage that data to gather even more personal information,” Koskinen said.
In the past year, the IRS said there has been a sharp increase in the number of fraudulent business-related filings, including those involving Forms 1120, 1120S and 1041 as well as Schedule K-1.
Beginning next year, more ID theft protection will be used for some business returns. Tax professionals are encouraged to make sure that the name and the Social Security number of the company individual authorized to sign the business return are legitimate.
The IRS has a new Identity Theft Guide for Business, Partnerships and Estate and Trusts.
Also beginning next year, there will be a “verification code” box included on all official W-2 forms for the first time. There will be a 16-character code on about 66 million W-2 forms and taxpayers and tax professionals will be urged to enter the code, if the box on the W-2 contains the code.
Spotting signs of trouble
A business — or a consumer — can spot signs of trouble when:
- A request for an extension to file — or an electronically filed return — is rejected because a return with the same Employer Identification Number or Social Security number is already on file.
- A tax transcript or IRS notice suddenly shows up but doesn’t correspond to anything submitted by the filer.
- Or maybe the business does not receive routine correspondence from the IRS because the thief has changed the address.
If you’re concerned about ID fraud, you can: