The Internal Revenue Service (IRS) recently released an article detailing the two most common types of fraudulent activity: email phishing and IRS-impersonation telephone scams.
he email phishing scam involves a false email that appears to be from the IRS and includes a link that directs you “to update your IRS e-file immediately.” By clicking the link, you enable fraudsters to capture usernames, passwords and other personally identifiable information. The IRS-impersonation telephone scam is when a caller (or automated message) claims to be an employee of the IRS and informs victims they owe money that must be paid immediately to the IRS; or they request banking information for an owed refund.
Below is guidance for how the IRS will contact you for payment:
- The IRS will never call to demand immediate payment. A bill will always be sent first, prior to any phone call being made. Additionally, you are always allowed to question or appeal the amount you owe.
- The IRS accepts multiple forms of payment. If someone is requesting that you pay your taxes a certain way (prepaid debit card or cashier’s check only), it’s a scam.
- The IRS will never threaten to have police or other agencies involved; or threaten you with a lawsuit.
Don’t Fall Victim
It’s important to be cognizant of this type of fraudulent activity. Following are warning signs that you should be aware of:
- Legitimacy: Emails containing unusual web links should always be questioned. One way to verify a link’s legitimacy is to hover your mouse cursor over embedded links to ensure the URL uses encryption (https://). Also, be mindful of the proper use of federal acronyms (e.g. IRSgov vs. IRS.gov).
- Personal Information: It is never a good idea to send any forms of personally identifiable information to an unsolicited request. Personal information includes but is not limited to: Social Security Number, credit card numbers, usernames, passwords, etc.
- Formatting and Grammar: Emails from fraudsters are typically unformatted. They appear to be sloppy and do not flow well. The message or body of the email usually contains poor grammar, multiple misspelled words, incorrect usage of pronouns, lacks sentence structure and uses generic phrases (e.g. good evenning mr valued customer.)
- Lack of Communication: Fraudsters will advise victims not to contact any outside party (e.g. IRS, lawyers, family, CPAs, financial advisors, etc.). If your client is being advised not to contact the IRS directly, they are being scammed.
- Too Good To Be True: If it seems too good to be true, it probably is. If a single click allows you to fund your account, it’s more than likely a scam.
If your client has been targeted as a tax fraud victim or if there is any suspicion around a similar type of activity to that detailed above, please submit a Potential Suspicious Activity Referral form in your RJ profile.
If you or someone you know receives a ‘phishing’ email, the IRS offers this advice:
- Don’t reply to the message.
- Don’t give out your personal or financial information.
- Forward the email to firstname.lastname@example.org.Then delete it.
- Don’t open any attachments or click on any links. They may have malicious code that will infect your computer.