The Internet Crime Complaint Center has issued an alert on the increase in W-2-related phishing campaigns. Fraudsters often use tax-related phishing emails to get victims to provide personally identifiable information, click on a malicious link, or pay a ransom.
But email phishing isn't the only threat facing taxpayers. The IRS has also warned of a quickly growing scam involving erroneous tax refunds being deposited into taxpayers' bank accounts. This scam is growing in popularity as a function of the increasing number of CPAs and tax professionals whose systems have been breached and their clients' personal information exposed. According to the IRS, "after stealing client data from tax professionals and filing fraudulent tax returns, these criminals use the taxpayers' real bank accounts for the deposit. Thieves are then using various tactics to reclaim the refund from the taxpayers, and their versions of the scam may continue to evolve."
The number of scams and cyber security threats facing tax professionals has increased dramatically this tax season--and more of the threats are coming from organized crime. The IRS advises that "these criminals – many of them sophisticated, organized syndicates - are redoubling their efforts to gather personal data to file fraudulent federal and state income tax returns."
Document scams targeting CPA firms and tax professionals include phishing emails posing as software providers, intrusions designed to steal PTINs, EFINs or e-Serice passwords, and fraudsters posing as the Taxpayer Advocacy Panel--all designed to gain access to taxpayers' personal information.