Home / Customer Support / Fraud Info / Protect Yourself from Email Tax Scams

Protect Yourself from Email Tax Scams

It is tax season and criminals are seizing the opportunity for scams. Do not become the next victim.

Scammers leverage every means at their disposal to separate you from your money, your identity, or anything else of value they can get. They may offer seemingly legitimate “tax services” designed to steal your identity and your tax refund, sometimes with the lure of bigger write-offs or refunds. Scams may include mocked-up websites and tax forms that look like they belong to the Internal Revenue Service (IRS) to trick you into providing your personal information.

Scam artists can prey on users by promising refunds that are fraudulent, a scam the IRS says has been rampant in previous years. In these scams, notices are posted on bulletin boards, in libraries, and at other community sites people visit either in person or online. 

Scammers make money from this trick in two ways. First, they collect a fee for helping to “file” for a refund on behalf of their victims. Second, they steal the victim’s identity for further exploitation. The victims are left paying a fee for a fraudulent service, not getting a refund they thought they would, and are potentially in a position to face charges for failing to file a return or for committing fraudulent reporting.

How to Recognize an Email Tax Scam
According to the IRS, below are the key ways to recognize an email tax scam.

The email:

  • Requests personal and/or financial information, such as name, Social Security number, banking and credit card account numbers, or mother's maiden name, either in the email itself or on a website to which the email links.
  • Includes exciting offers to get you to respond, such as mentioning a tax refund or offering to pay you for participation in an IRS survey.
  • Threatens a consequence for not responding to the email, such as additional taxes or blocked access to your funds.
  • Has incorrect spelling for the IRS or other federal agencies.
  • Uses incorrect grammar or odd phrasing.
  • Discusses “changes to tax laws” and includes a downloadable document (usually in PDF format) that purports to explain the new tax laws. These documents are generated with malware that, once downloaded, may infect your computer.

How To Avoid Becoming A Victim
To stay safer this tax season, follow these five steps:

  1. Secure your computer. If your computer does not have proper security controls, it is vulnerable to access by criminals, who may be able to steal information stored on it. Make sure your computer has the latest security updates installed. Check that your anti-virus and anti-spyware software are running properly and are receiving automatic updates from the vendor. If you have not already done so, install and enable a firewall.
  1. Carefully select the websites you visit. Safely searching for tax forms, advice on deductibles, tax preparers, and similar topics requires caution. Know the website. Know the company. Do not visit a website by clicking a link sent in an email, found on someone’s blog, or in an advertisement. The website you land on may look just like the real website, but it may be a well-crafted fake.
  1. Do not fall prey to email, Web, or social networking scams.  Common scams tout tax rebates, offer great deals on tax preparation, or offer a free tax calculator tool. If you did not solicit the information, it is likely a scam. If the email claims to be from the IRS, it is a scam. The IRS will not contact you via email, text messaging, or social networking, nor does it advertise on websites. If the email appears to be from your employer, financial institution, broker, etc. claiming there is an issue with what they reported for you and you need to verify some information, it might be a scam. Do not respond to the email. Contact the entity directly before responding.
  1. Never send sensitive information in an email. It may be intercepted and read by criminals.
  1. Use strong passwords. Cybercriminals have developed programs that automate the ability to guess your passwords. To protect yourself, passwords must be difficult for others to guess, but at the same time, easy for you to remember. Passwords should have a minimum of nine characters and include uppercase letters, lowercase letters, numbers, and symbols. Make sure your work passwords are different from your personal passwords.

Resources For More Information

 

The above information was provided by SHAZAM and the Multi-State Information Sharing & Analysis Center, A Division of the Center for Internet Security.