Popular search terms:
Published:   |   Last Updated: October 24, 2024

Protecting Yourself and Your Clients From Evolving Tax Scams

 

Tax professionals need to be on the lookout for a variety of new and evolving schemes aimed at stealing sensitive taxpayer information. These schemes don’t just threaten your clients, they can damage your business as well.

Thieves have upped their game by targeting tax professionals to get valuable information needed to file authentic-looking tax returns. Tax professionals need to watch out for scammers that masquerade as new clients, the IRS, or others in the tax community.

Tax professionals should increase their awareness of the types of scams out there and consider ways to shield themselves and their clients from identity theft and security threats. Here are some trending examples to watch out for:

The “New Client” scheme

  • This is where fraudsters pretend to be real taxpayers seeking professional help with their taxes. They use emails to try to get sensitive information or gain access to a practitioner’s client data. In these fake “new client” schemes, fraudsters send a malicious link or attachment for the tax professional to obtain the supposed new client’s tax information. In reality, the site is collecting information from the tax pro, such as their email and password, or loading malware onto the tax pro’s computer to gain access to their computer or system.

 Phishing scams

  • These scams involve phishing attempts where scammers try to obtain information and file a fraudulent return that looks legitimate. Fraudsters try to get identification numbers by sending emails or texts that appear to be from the IRS. The scammers state they need the recipient to confirm information by entering it into a form that is hosted on what appears to be a real IRS website. However, the website is a fake designed to look like the real thing. If a fraudster can obtain a Centralized Authorization File (CAF) number, it can be used to obtain tax transcripts and other taxpayer personally identifiable information for identity theft refund fraud and other crimes. When this happens, the fraudster has not only obtained your CAF number but also has now gained your and your client’s personal information.

Phone, text, and correspondence schemes

  • Another wave of scams hitting taxpayers with frequency involves identity thieves using phone calls and text messages to get Social Security numbers, birth dates, and banking information from victims. These schemes are common right now and can target not just taxpayers but potentially tax professionals and their clients. These types of scams include:
    • Artificial intelligence (AI) scams used for false correspondence, with AI used to create fake IRS letters that are mailed to victims.
    • The “Zero Tax” program, in which callers promise to wipe out tax debt for people who owe back taxes. The callers request people’s Social Security numbers as part of their pitch, which they use for various crimes.
    • Social media scams pushing inaccurate or misleading tax information that involves creating false tax documents like a Form W-2 or claiming credits which the taxpayer is not entitled to like the Fuel Tax Credit, Sick and Family Leave Credit, or Household Employment Credits.
    • Scammers reaching out by phone or text message to dupe people into handing over their financial information in exchange for a false promise of IRS refunds.

Ways to avoid and report scams

If you or your client receives an email that appears to be a scam, the email can be forwarded to phishing@irs.gov. IRS cybersecurity experts prefer to see the full email and header to help them identify the scheme.

If, as a practitioner, you discover you are victim of a security breach, please contact IRS Stakeholder Liaison to report the theft, and they will ensure the appropriate IRS offices are notified. When an incident is reported quickly, the IRS can take steps to block fraudulent returns in the clients’ names and will assist you through the process. You can also report information with your appropriate state tax authority by using the Federation of Tax Administrators Report a Data Breach page.

Depending on the number of clients impacted by a security incident, practitioners may also have the obligation to notify their clients and state and federal agencies of a security incident. Practitioners should become familiar with the state and federal notification and other requirements that apply to them well in advance of an actual security incident.

Resources

Use Caution

When Using Tax Advice or Tax Return Preparers Found on Social Media

Read More

Security Summit

IRS Tax Scams and Consumer Alerts

Read More

Want to get the latest tax news, learn more about taxpayer rights, and upcoming TAS events while looking at cute dogs and pop culture references? Look no further than TAS Social Media. Follow, like and share our content to help spread the work on how we advocate for taxpayers!

TAS on Social Media