WILLIAMS, Ariz. —You open your voicemail and there is a threatening message that says, “There is a legal petition notice filed under your name from the IRS for tax evasion and tax fraud … failure to return the call will result in law enforcement action against you.”
Local law enforcement is beginning to hear reports from residents receiving calls from scammers claiming to be with the IRS.
This type of scam often occurs in the months leading up to Tax Day, which this year falls on Tuesday, April 17.
The IRS reports that sometimes residents will receive a recording claiming it is their final notice to pay the IRS, or a tax discrepancy has been received and it is urgent to return the call. Other times people have reported receiving a call from someone with the IRS who makes threats about a warrant being issued for their arrest.
Some schemes target victims online, by reaching out through emails. The IRS says that people should know they do not ask for personal information through email.
The IRS advises that if you receive one of these calls you should call the IRS directly at 1-877-382-4357.
Employer scam: request for W-2
The IRS urges employers to educate their payroll personnel about a Form W-2 phishing scam that made victims of hundreds of organizations and thousands of employees last year.
The Form W-2 scam has emerged as one of the most dangerous phishing emails in the tax community. During the last two tax seasons, cybercriminals tricked payroll personnel or people with access to payroll information into disclosing sensitive information for entire workforces.
Here’s how the scam works: cybercriminals do their homework, identifying chief operating officers, school executives or others in positions of authority. Fraudsters posing as executives send emails to payroll personnel requesting copies of Forms W-2 for all employees.
The Form W-2 contains the employee’s name, address, Social Security number, income and withholdings. Criminals use that information to file fraudulent tax returns, or they post it for sale on the Dark Net.
The initial email may be a friendly, “hi, are you working today” exchange before the fraudster asks for all Form W-2 information. In several reported cases, after the fraudsters acquired the workforce information, they immediately followed that up with a request for a wire transfer.
In addition to educating payroll personnel, the IRS urges employers to limit the number of employees who have authority to handle Form W-2 requests, and that they require additional verification procedures to validate the actual request before emailing sensitive data such as employee Form W-2s.
If the business or organization victimized by these attacks notifies the IRS, the IRS can take steps to help prevent employees from being victims of tax-related identity theft. However, because of the nature of these scams, some businesses and organizations did not realize for days, weeks or months that they had been scammed.
The IRS established a special email notification address specifically for employers to report Form W-2 data thefts. W-2 scam victims can notify the IRS by emailing firstname.lastname@example.org to notify the IRS of a Form W-2 data loss and in the subject line, type “W2 Data Loss”. Include the business name, EIN, contact name, contact phone number, how the data loss occurred and volume of employees impacted.
Tax preparers: fake client scam
Some tax professionals have reported attempts by fraudsters to pierce their security by posing as potential clients. Crooks use phishing emails to trick tax practitioners into opening a link or attached document.
The fraudsters, posing as potential clients, send initial emails to tax practitioners. If the tax practitioner responds, the fraudster will send a second email that contains either a phishing URL or an attached document that contains a phishing URL, claiming their tax data is enclosed. The fraudster wants the tax pro to click on the link or attachment and then enter their credentials.
The IRS also has received recent reports of fraudsters again posing as IRS e-Services, asking tax pros to sign into their accounts and providing a disguised link. The link, however, sends tax pros to a fake e-Services site that steals their usernames and passwords.
Tax practitioners receiving emails from fraudsters posing as the IRS, or even their tax software provider, should go directly to the main website, such as IRS.gov, rather than opening any links or attachments.