Dirty Dozen Tax Scams: 2020 Edition - Part II
The "Dirty Dozen" is a list of common tax scams that target taxpayers. Compiled and issued annually every year by the IRS, this year it includes many aggressive and evolving schemes related to coronavirus tax relief, including Economic Impact Payments. The criminals behind these bogus schemes view everyone as potentially easy prey and everyone should be on guard, especially vulnerable populations such as the elderly.
While tax-related scams usually increase at tax time, this year, scam artists are using pandemic to try stealing money and information from honest taxpayers. As such, taxpayers should refrain from engaging potential scammers online or on the phone.
Here is the second half this year's "Dirty Dozen" tax scams:
7. Scams Targeting Non-English Speakers
IRS impersonators and other scammers also target groups with limited English proficiency. These scams target those potentially receiving an Economic Impact Payment and request personal or financial information from the taxpayer.
Phone scams are often threatening in nature and pose a major threat to people with limited access to information, including individuals not entirely comfortable with the English language. These calls frequently take the form of a "robocall" (a text-to-speech recorded message with instructions for returning the call), but in some cases may be made by a real person. These con artists may have some of the taxpayer's information, including their address, the last four digits of their Social Security number or other personal details, which makes the phone calls seem more legitimate.
One of the most common scams is the IRS impersonation scam where a taxpayer receives a telephone call threatening jail time, deportation or revocation of a driver's license from someone claiming to be with the IRS. Taxpayers who are recent immigrants often are the most vulnerable and should ignore these threats and not engage the scammers.
8. "Ghost" Tax Return Preparers
Selecting the right return preparer is important because they are entrusted with a taxpayer's sensitive personal data. Most tax professionals provide honest, high-quality service, but dishonest preparers pop up every filing season committing fraud, harming innocent taxpayers or talking taxpayers into doing illegal things they regret later.
Taxpayers should always avoid so-called "ghost" preparers who expose their clients to potentially serious filing mistakes as well as possible tax fraud and risk of losing their refunds. With many tax professionals impacted by COVID-19 and their offices potentially closed, taxpayers should take particular care in selecting a credible tax preparer.
Ghost preparers don't sign the tax returns they prepare. They may print the tax return and tell the taxpayer to sign and mail it to the IRS. For e-filed returns, the ghost preparer will prepare but not digitally sign as the paid preparer. By law, anyone who is paid to prepare or assists in preparing federal tax returns must have a Preparer Tax Identification Number (PTIN). Paid preparers must sign and include their PTIN on returns.
Unscrupulous preparers may also target those without a filing requirement and may or may not be due to a refund. They promise inflated refunds by claiming fake tax credits, including education credits, the Earned Income Tax Credit (EITC), and others. Taxpayers should avoid preparers who ask them to sign a blank return, promise a big refund before looking at the taxpayer's records or charge fees based on a percentage of the refund.
Taxpayers are ultimately responsible for the accuracy of their tax return, regardless of who prepares it.
9. Offer in Compromise (OIC) Mills
Taxpayers need to be wary of misleading tax debt resolution companies that can exaggerate chances to settle tax debts for "pennies on the dollar" through an Offer in Compromise (OIC). These offers are available for taxpayers who meet very specific criteria under the law to qualify for reducing their tax bill. But unscrupulous companies oversell the program to unqualified candidates so they can collect a hefty fee from taxpayers already struggling with debt.
These scams are commonly called OIC "mills," which cast a wide net for taxpayers, charge them pricey fees and churn out applications for a program they're unlikely to qualify for. Although the OIC program helps thousands of taxpayers each year reduce their tax debt, not everyone qualifies for an OIC. In Fiscal Year 2019, there were 54,000 OICs submitted to the IRS. The agency accepted 18,000 of them.
10. Fake Payments with Repayment Demands
Criminals are always finding new ways to trick taxpayers into believing their scam including putting a bogus refund into the taxpayer's actual bank account. Here's how the scam works:
A con artist steals or obtains a taxpayer's data including Social Security number or Individual Taxpayer Identification Number (ITIN) and bank account information. The scammer files a bogus tax return and has the refund deposited into the taxpayer's checking or savings account. Once the direct deposit hits the taxpayer's bank account, the fraudster places a call to them, posing as an IRS employee. The taxpayer is told that there's been an error and that the IRS needs the money returned immediately or penalties and interest will result. The taxpayer is told to buy specific gift cards for the amount of the refund.
The IRS will never demand payment by a specific method. There are many payment options available to taxpayers and there's also a process through which taxpayers have the right to question the amount of tax we say they owe. Anytime a taxpayer receives an unexpected refund and a call from us out of the blue demanding a refund repayment, they should reach out to their banking institution and the IRS.
11. Payroll and HR Scams
Tax professionals, employers, and taxpayers need to be on guard against phishing designed to steal Form W-2s and other tax information. These are Business Email Compromise (BEC) or Business Email Spoofing (BES). This is particularly true with many businesses closed and their employees working from home due to COVID-19. Currently, two of the most common types of these scams are the gift card scam and the direct deposit scam.
Gift card scam. In the gift card scam, a compromised email account is often used to send a request to purchase gift cards in various denominations.
Direct deposit scam. In the direct deposit scheme, the fraudster may have access to the victim's email account (also known as an email account compromise or "EAC"). They may also impersonate the potential victim to have the organization change the employee's direct deposit information to reroute their deposit to an account the fraudster controls.
BEC/BES scams have used a variety of ploys to include requests for wire transfers, payment of fake invoices as well as others. In recent years, the IRS has observed variations of these scams where fake IRS documents are used to lend legitimacy to the bogus request. For example, a fraudster may attempt a fake invoice scheme and use what appears to be a legitimate IRS document to help convince the victim.
The Direct Deposit and other BEC/BES variations should be forwarded to the Federal Bureau of Investigation Internet Crime Complaint Center (IC3) where a complaint can be filed. The IRS requests that Form W-2 scams be reported to firstname.lastname@example.org (Subject: W-2 Scam).
Ransomware is malware targeting human and technical weaknesses to infect a potential victim's computer, network, or server and is a rapidly growing cybercrime. It doesn't just affect individuals either. Recently, Garmin Ltd., a GPS, and fitness-tracker company was the victim of a ransomware attack and asked to pay $10 million in "ransom" to restore its systems.
Malware is a form of invasive software that is often frequently inadvertently downloaded by the user. Once downloaded, it tracks keystrokes and other computer activity. Once infected, ransomware looks for and locks critical or sensitive data with its encryption. In some cases, entire computer networks can be adversely impacted.
Victims generally aren't aware of the attack until they try to access their data, or they receive a ransom request in the form of a pop-up window. These criminals don't want to be traced so they frequently use anonymous messaging platforms and demand payment in virtual currency such as Bitcoin.
Cybercriminals might use a phishing email to trick a potential victim into opening a link or attachment containing the ransomware. These may include email solicitations to support a fake COVID-19 charity. Cybercriminals also look for system vulnerabilities where human error is not needed to deliver their malware.