By Hector Cisneros
 |
| Courtesy of Vimeo |
In January of 2018, I received a robocall telling me that the IRS was suing me for fraud and that I must call the phone number provided right away. I deleted the voicemail and blocked the number so that I would not receive another annoying call. Then in February, I received a similar robocall telling me basically the same thing. Again, I deleted and blocked the number. Then around March 20th, I received a third Robocall call professing the same fraud. This time I saved the voicemail so that I could show it to the authorities. On April 5th I received an email from a CPA (whom I don’t use) asking me to download and open a “DocuSign” file for my taxes. Again, this was a phishing attack. What do you do when you are being bombarded by cybercriminals who are trying to penetrate your financial defenses. How can you win against such constant attacks? In this episode of Working the Web to Win, we will explore the current rash of IRS scams and cyber-fraud that takes place in the new year, and we will provide prudent measures you can implement to ensure the protection of your financial data and identity.
What's Old is New - Obviously, cyber attacks via robocalls and phishing email in the first quarter of the year are not new. We have written about these types of attacks in the past. Last year we published The Latest Tax & New IRS Scams Attacking US because there was a new rash of scams taking place. Our article called The Growing Holiday Cyber Security Threat, which talks about scams and cyber-attacks that occur during the holidays is also relevant because these kinds of attacks happen throughout the year, they just peak during the holidays. There is no doubt that cybercriminals are ramping up to cash in on the weakness of the level of security shown by the government, businesses and the public in general. Last year’s Equifax breach shows that these criminals are working hard to up the ante.
I am a fairly tech savvy person because I was a network engineer for 30 years. This year, when I received my first fraudulent IRS Scam Robocall, I got annoyed, blocked the number and deleted it from my voicemail box. Each consecutive call just made me madder! So, what should you do when you get one of these calls? First off, don’t overreact. The IRS never communicates via phone calls, voicemails, or emails, period! If you do receive a communication via one of these mediums, it's fake, and an attempt to defraud you in some way. An article in Forbes by Kelly Phillips Erb, called; “Phone Scams Remain on IRS 'Dirty Dozen' List of Tax Scams” shows that thousands of people have been defrauded and millions of dollars lost. It states specifically that;
 |
| Courtesy of Wikimedia Commons |
“The Treasury Inspector General for Tax Administration (TIGTA) reports they have become aware of over 12,716 victims who have collectively paid over $63 million as a result of phone scams since October 2013. As a reminder, the IRS will never:
· Call to demand immediate payment over the phone, nor will the agency call about taxes owed without first having mailed you a bill.
· Threaten to immediately bring in local police or other law-enforcement groups to have you arrested for not paying.
· Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
· Require you to use a specific payment method for your taxes, such as a prepaid debit card, gift card or wire transfer.
· Ask for credit or debit card numbers over the phone.”
Kelly Phillips Erb article further tells us what the IRS says you should do if you receive one of these calls. Specifically, it says;
“Don't engage or respond with scammers. Here's what to do if you receive a suspicious phone call or message:
· If you receive a call from someone claiming to be from the IRS, and you do not owe tax, or if you are immediately aware that it's a scam, don't engage with the scammer and do not give out any information. Just hang up.
· If you receive a telephone message from someone claiming to be from the IRS, and you do not owe tax, or if you are immediately aware that it's a scam, don't call them back.
· If you receive a phone call from someone claiming to be with the IRS, and you owe tax or think you may owe tax, do not give out any information. Call the IRS back at 1.800.829.1040 to find out more information.
· You can also contact Treasury Inspector General for Tax Administration (TIGTA) to report scam calls by calling 1.800.366.4484 or by using the “IRS Impersonation Scam Reporting” form on their website. You may also want to report the scam to the Federal Trade Commission (FTC) by using the “FTC Complaint Assistant” to report persons pretending to be from the government; please add “IRS Telephone Scam” in the notes.”
What About the Most Vulnerable? The most vulnerable in our society are the elderly and special needs adults who can more easily be tricked into complying with the IRS scammer’s demands. We need to make every effort to educate and protect these people as they are already at a financial disadvantage in most cases.
 |
| Courtesy of Wikipedia |
Be on the Lookout for IRS Scam Letters via snail mail followed by a fake phone call! These can and will begin to happen during tax time. ID and IRS Scam Letters are already out there, so always verify any letter or call the IRS number listed in this article directly.
A New Twist to Phishing - Email phishing scams are not new, but the level of sophistication (i.e., the look and feel) of these emails keeps getting better and harder to spot. Again, remember the IRS will not email you. A new kind of phishing email I have encountered was a phishing email from a legitimate CPA. His email account was hacked and was used to send out Fake DocuSign emails asking the recipient to download the DocuSign file and open it. This file had a malware payload that would then infect the recipient system looking to capture financial and ID data. It would then repeat the process by utilizing the recipient's email to perpetuate the phishing attack on their contact list.
The best way to stop phishing scams is to make sure you have a multi-layered anti-malware security system employed on all of your digital devices. I have 3 active anti-malware apps running on my main computers and also have active anti-malware apps running on my smartphone and tablets. I also rely on the Google Cloud to pre-filter my email, as it does a very good job of filtering a lot of spam and phishing email out of my inbox.
As far as phone phishing scams go, don’t answer any calls where you don’t recognize the number. If no phone number shows up, don’t answer it. Make the caller leave a voicemail. If it’s an important and legitimate call, they will leave a message. If it's not a legitimate call and they do leave a message, you can add that number to the blocked call list! Most smartphones and Google Voice allow for blocking phone numbers. I use this feature often to block marketers trying to solicit me. Speaking of blocked calls, make sure you add your home, business and cellphone numbers, to the don’t call list. This will minimize calls from legitimate marketers harassing you, but it won’t stop criminals. Blocking the numbers after the fact is the best we can do here.
 |
| Courtesy of Grand Forks Air Force Base |
Tax Professional at Risk! IRS Scams are not just attacking individuals or businesses. They are going after Tax preparers as well. In an article by the IRS called Tax Scams / Consumer Alerts, the IRS states that tax professionals are increasingly being targeted by organized syndicates of cybercriminals who are using many sophisticated methods to gather personal information and fraudulently file federal and state income tax returns. Their article lists a number of suggestions and provides a series of links to help Tax professionals guard against these criminal acts. Here's a brief segment of that article.
- Recent scams targeting the tax professional community include:
- Tax Professionals Urged to Step Up Security as Filing Scheme Emerges
- Tax Professionals Warned of e-Services Scam.
- Tax Professionals Warned of New Scam to “Unlock” Tax Software Accounts.
- A phishing scheme mimicking software providers targets tax professionals.
- Criminals target tax professionals to steal data such as PTINs, EFINs or e-Service passwords.
- Bogus email asks tax professionals to update their IRS e-services portal information and Electronic Filing Identification Numbers (EFINs).
- See: IRS Warns Tax Preparers to Watch out for New Phishing Scam; Don’t Click on Strange Emails or Links Seeking Updated Information
 |
| Courtesy of Wikimedia Commons |
“Report these schemes:
- Email dataloss@irs.gov to notify the IRS of a W-2 data loss and provide contact information. In the subject line, type “W2 Data Loss” so that the email can be routed properly. Do not attach any employee personally identifiable information.
- Email the Federation of Tax Administrators at StateAlert@taxadmin.org to learn how to report victim information to the states.
- Businesses/payroll service providers should file a complaint with the FBI’s Internet Crime Complaint Center (IC3.gov). Businesses/payroll service providers may be asked to file a report with their local law enforcement.
- Notify employees so they may take steps to protect themselves from identity theft. The FTC’s www.identitytheft.gov provides general guidance.
- Forward the scam email to phishing@irs.gov.
- See more details at Form W2/SSN Data Theft: Information for Businesses and Payroll Service Providers.
Employers are urged to put protocols in place for the sharing of sensitive employee information such as Forms W-2. The W-2 scam is just one of several new variations that focus on the large-scale thefts of sensitive tax information from tax preparers, businesses, and payroll companies.
Tax professionals who experience a data breach also should quickly report the incident to the IRS. See details at Data Theft Information for Tax Professionals.”
With 7 billion people on the planet, cybercriminals have a big phishing pond and lots of lures they
can use to hook victims. My call to action for our readers is this. Take these IRS scams seriously. If you don’t, the chances of becoming a victim of fraud and identity theft are high. Begin by closely filtering and monitoring all phone calls and emails. Use the blocking features of your smartphones and services like Google Voice. Buy and use an ID protection service like Life Lock. Make sure you are on the don’t call list and make sure you deploy strong and redundant anti-malware defenses on all your digital devices. I also suggest that you engage in a social media security audit and that you trim back followers you don’t know. I would also suggest that you engage in social media consciously and deliberately making sure you are interacting with friends and family, not the whole world! If you're buying things online, use disposable email accounts and refillable credit cards. Stay informed about cyber breaches and educate yourself on the most current means of protecting your digital domain.
 |
| Courtesy of Wikimedia Commons |
That's my opinion; I look forward to reading yours.
This article provides a look at the current IRS Scams and other cybercrimes being perpetrated on the US population, its businesses, payroll service providers and tax preparation professionals. This article covers how to spot these fraudulent scams and list several things the IRS say anyone can do to protect themselves and their businesses. It further provides other ways to protect yourself from various ID theft scams as well.
 |
| Get your FREE copy below. |
If you or your business could use some help with marketing, give us a call at 904-410-2091. We are here to help. You can also fill out the form in the sidebar of this blog. It will allow us to provide you with a free marketing analysis designed to help you get better online results. Our claim to fame is that we are one of the few companies that actually provides ironclad written guarantees. Don't forget to sign up for your FREE eBook!
nice post...
ReplyDeleteLinksys Smart Wifi Login