While businesses and tax preparers get ready for the 2020 tax season, tax scams ranging from high-tech identity theft to online con jobs are always prevalent.
While businesses and tax preparers get ready for the 2020 tax season, tax scams ranging from high-tech identity theft to online con jobs are always prevalent. Tax season is the prime time for phishing and spreading malware; without fail, tax-related online scams remain the most popular type of phishing scam every year.
Below are several examples of tax scams of which businesses should be aware, particularly individually owned pass-through S Corporations, as they prepare to file their tax returns this year.
The first type of phishing scam that can harm business owners arrives in the form of an email claiming to be from the Internal Revenue Service (IRS), stating that the business’s tax return is restricted. Another example is a phishing email that impersonates popular tax preparation software, claiming that the account is locked. In both cases, the goal is to convince the recipient to click on a link and submit personal information to unlock the tax return or account; that way those orchestrating the scam gain access to personal information.
Additionally, there is the ongoing threat of W-2 scams, where cyber criminals trick payroll and human resources professionals into sharing sensitive tax information via a fraudulent email. By the end of the email exchange, your employees’ W-2 Forms—which contain vital and sensitive information that should not get into the wrong hands—could be seriously at risk.
Another type of phishing email claims that the business owner needs to update “tax filing information” on their tax return. Most phishing emails contain a link to a fake site, where personally identifiable information can be captured and submitted to cyber criminals; for pass-through companies, this can cause major damage. In some cases, the link is replaced by an HTML attachment and additional directives are included in the email, yet another way to obtain your personal bank account information.
Owing the IRS money is often a scary prospect for many businesses, so it comes as no surprise that cyber criminals are sending emails claiming that a tax payment was deducted from the recipient’s bank account. Attached to the email is a “receipt” that acts as a reference for the deduction. It contains a malicious file; do not click on this link, as this is how the cyber criminals gain access to personal bank account information. Remember, the IRS will never reach out to you directly by phone or email as a business owner, so if this happens, it’s a hacker trying to gain unlawful access.
Numerous businesses throughout the region have robust community relations efforts that support worthwhile charities and organizations in the area. But these noble efforts are often exploited by cyber criminals. After disasters, it’s common for scammers to impersonate charities. These groups often have names similar to legitimate organizations. Don’t give out personal financial information or Social Security numbers. And don’t give or send cash. This IRS website’s search feature allows you to look up legitimate charities.
For the owner of an S Corporation, identity theft remains a very real and scary proposition, one that could not only cause the owner tremendous harm, but the business as well. One of the most common identity theft scams involves filing tax returns using stolen Social Security numbers. Protect your business by protecting your personal data and that of your employees. Check out the irs.gov section on ID theft for more information. Additionally, create a system of checks and balances within your business, where a trusted member of your team can check all processes and adjust them where necessary.
Con artists use unsolicited email and fake websites to lure potential victims into divulging personal information that will then be used to commit identity theft and fraud. IRS officials rightly advise business owners to be leery of unexpected emails from the IRS promising refunds or threatening to collect, and to report such suspicious email to firstname.lastname@example.org.
Lastly, there is vital information available to protect businesses and owners when receiving unsolicited communications during tax preparation seasons: