IRS Scams: Protect Your Business and Taxpayer Information from the Dirty Dozen During Tax Season

Quality Tax Plus - Blog - Business Protection - IRS Scams: Protect Your Business and Taxpayer Information from the Dirty Dozen During Tax Season

Introduction

As a small business owner, navigating the complexities of tax season can be challenging enough without the added threat of scams. Unfortunately, the Internal Revenue Service (IRS) reports a significant increase in tax-related fraud attempts, particularly targeting small businesses and individual taxpayers. This surge in scam activities has led to the creation of the annual “Dirty Dozen” list, which highlights the most prevalent and dangerous tax scams.

In recent years, the landscape of IRS scams has evolved dramatically, largely due to widespread data breaches and the increasing sophistication of fraudsters. According to the Federal Trade Commission, tax fraud accounted for over $2.3 billion in losses in 2021 alone, with small businesses often bearing the brunt of these attacks. This alarming trend underscores the critical importance of understanding, recognizing, and protecting against these fraudulent schemes.

The purpose of this comprehensive guide is to arm you, as a small business owner, with the knowledge and tools necessary to safeguard your business and personal finances from IRS scams. We’ll delve into the intricacies of how these scams operate, explore the latest tactics employed by fraudsters, and provide actionable strategies to protect your business.

Key Statistics:

  • Tax fraud losses in 2021: $2.3 billion (Source: Federal Trade Commission)
  • 44% increase in reported tax scams from 2020 to 2021 (Source: TIGTA)
  • Small businesses are 3x more likely to be targeted by tax scams than individuals (Source: IRS)

As we navigate through this guide, remember that staying informed is your first line of defense. The IRS consistently updates its resources to help taxpayers and businesses stay protected. For the most current information, always refer to the official IRS website.

In the following sections, we’ll break down the components of IRS scams, explore the Dirty Dozen list in detail, and provide you with a comprehensive strategy to protect your business. Let’s begin by understanding how these fraudsters operate and why small businesses are particularly vulnerable targets.

Understanding IRS Scams: How Fraudsters Target You

IRS scams are sophisticated schemes designed to exploit the complex nature of the tax system and the fear or urgency often associated with tax-related matters. As a small business owner, understanding these tactics is crucial for protecting your company’s financial health and reputation.

Definition of IRS Scams

IRS scams are fraudulent activities where criminals impersonate IRS officials or create fake tax-related scenarios to steal money or sensitive information from unsuspecting victims. These scams can take various forms, including:

  • Phishing emails: Deceptive emails that appear to be from the IRS
  • Vishing (voice phishing): Phone calls from supposed IRS agents
  • Smishing: Text messages claiming to be from the IRS
  • Mail fraud: Fake IRS letters or notices sent via postal mail
  • Social media scams: Fraudulent IRS-related posts or direct messages on social platforms

Common Methods Used by Scammers

Scammers employ a variety of tactics to appear legitimate and persuade their targets to comply with their demands. Some common methods include:

  1. Impersonation: Scammers often pose as IRS agents, using fake badge numbers and names.
  2. Urgency creation: They create a sense of urgency, claiming immediate action is required to avoid severe consequences.
  3. Threat of legal action: Fraudsters may threaten arrest, deportation, or license revocation to intimidate victims.
  4. Spoofing: They use caller ID spoofing to make their calls appear to come from legitimate IRS phone numbers.
  5. Phishing websites: Scammers create fake websites that mimic the official IRS site to collect sensitive information.

Impact of Data Breaches on IRS Scams

The rise in data breaches has significantly empowered scammers, providing them with a wealth of personal and business information to make their schemes more convincing. According to a report by the Identity Theft Resource Center, there were 1,862 data breaches in 2021, exposing over 293 million records.

How data breaches fuel IRS scams:

  • Scammers obtain personal details like names, addresses, and Social Security numbers
  • They use this information to create highly personalized and convincing scam attempts
  • Stolen data allows fraudsters to bypass security questions and appear more legitimate
  • Business information from breaches enables targeted attacks on specific companies

Use of Stolen Personal Information by Scammers

Armed with stolen data, scammers can craft highly personalized scam attempts that are difficult to distinguish from genuine IRS communications. They might reference:

  • Your business name and address
  • Last four digits of your Social Security Number or EIN
  • Details about your recent tax filings or payments
  • Information about your business structure or employees

This level of detail can make even the most vigilant business owner question whether the communication might be legitimate.

Case Study: The Business Email Compromise (BEC) Scam

In 2020, a small manufacturing company in Ohio fell victim to a sophisticated BEC scam. The scammers, using information obtained from a data breach, impersonated the IRS and claimed the company had underpaid its taxes. They provided accurate details about the company’s recent tax payments and threatened severe penalties if an immediate payment wasn’t made. The company lost $157,000 before realizing it was a scam.

To protect your business from such scams, it’s crucial to:

  1. Implement strong data security measures
  2. Train employees on recognizing scam attempts
  3. Verify all tax-related communications directly with the IRS
  4. Stay informed about the latest scam tactics

For more information on how to protect your business data, visit the FTC’s Business Center.

Understanding these tactics is the first step in protecting your business. In the next section, we’ll explore the IRS’s Dirty Dozen list, which highlights the most prevalent and dangerous tax scams currently targeting small businesses and individuals.

The Dirty Dozen: Top IRS Scams to Watch Out For in 2024

The IRS annually releases its “Dirty Dozen” list, highlighting the most prevalent and dangerous tax scams. As a small business owner, being aware of these scams is crucial for protecting your company’s financial health and reputation. Let’s delve into the top IRS scams you need to watch out for in 2024:

1. Phishing Emails and Texts About “Recalculated” Tax Refunds

How it works: Scammers send emails or text messages claiming that your tax refund has been recalculated, often promising a larger refund. They provide a link to “verify” your information or claim your refund.

Red flags:

  • Unsolicited emails or texts about your tax refund
  • Requests to click on links or download attachments
  • Urgent language pressuring you to act quickly

Protection tip: The IRS never initiates contact about tax refunds via email or text. Always access your tax information directly through the official IRS website.

2. IRS Impersonators Demanding Gift Cards

How it works: Scammers call, pretending to be IRS agents, and claim you owe taxes. They demand immediate payment via gift cards, threatening legal action if you don’t comply.

Red flags:

  • Demands for payment using gift cards
  • Threats of immediate arrest or legal action
  • Use of aggressive or intimidating language

Protection tip: The IRS never demands immediate payment over the phone, nor do they ask for gift cards as payment.

3. Fake FDIC Calls Requesting Bank Information

How it works: Fraudsters pose as FDIC representatives, claiming there’s an issue with your bank account related to your taxes. They ask for your banking details to “verify” your account.

Red flags:

  • Unsolicited calls about your bank account
  • Requests for sensitive banking information
  • Pressure to provide information immediately

Protection tip: The FDIC and IRS do not call to ask for bank account information. Always verify such requests directly with your bank.

4. Threats to “Cancel” Social Security Numbers

How it works: Scammers threaten to cancel or suspend your Social Security number due to unpaid taxes or alleged criminal activity.

Red flags:

  • Threats to cancel your Social Security number
  • Claims of imminent legal action
  • Requests for immediate payment to “resolve” the issue

Protection tip: The IRS cannot cancel or suspend Social Security numbers. This is always a scam.

5. Fraudulent “Bureau of Tax Enforcement” Communications

How it works: Scammers create fake government agencies like the “Bureau of Tax Enforcement” to lend credibility to their demands for payment.

Red flags:

  • Communications from unfamiliar tax agencies
  • Pressure to make immediate payments
  • Threats of property seizure or legal action

Protection tip: Verify any unfamiliar tax agency by contacting the IRS directly.

6. Malicious Tax Transcript Emails

How it works: Fraudsters send emails claiming to contain your tax transcript, but the attachment actually contains malware.

Red flags:

  • Unsolicited emails about your tax transcript
  • Attachments with suspicious file names
  • Urgent language encouraging you to open the attachment

Protection tip: The IRS does not email tax transcripts. Access your transcript directly through the official IRS website.

7. Unexpected Taxpayer Advocate Service Calls

How it works: Scammers impersonate the Taxpayer Advocate Service, claiming to be calling about a refund or other tax issue.

Red flags:

  • Unsolicited calls from the Taxpayer Advocate Service
  • Requests for personal or financial information
  • Pressure to act quickly

Protection tip: The Taxpayer Advocate Service does not make unsolicited calls to taxpayers.

8. “Ghost” Tax Preparers

How it works: Unethical tax preparers complete returns but refuse to sign them, making it appear as if the taxpayer self-prepared the return.

Red flags:

  • Tax preparers who won’t sign the return
  • Promises of unusually large refunds
  • Requests for cash payments or to deposit refunds into their account

Protection tip: Always use a reputable, registered tax preparer who will sign your return.

9. Modified W-8BEN Forms Requesting Sensitive Information

How it works: Scammers send altered W-8BEN forms requesting unnecessary personal information.

Red flags:

  • Requests for information not typically required on a W-8BEN
  • Forms that look slightly different from official IRS forms
  • Unsolicited requests to complete a W-8BEN

Protection tip: Only fill out W-8BEN forms provided directly by your financial institution or employer.

10. Fake IRS Agents Offering “Casualty Loss Claim” Assistance

How it works: Scammers target disaster victims, offering to help file “casualty loss claims” with the IRS for a fee.

Red flags:

  • Unsolicited offers of assistance with tax claims
  • Requests for upfront fees
  • Promises of large tax refunds due to disasters

Protection tip: Seek assistance only from recognized disaster relief organizations or licensed tax professionals.

Important: For the most up-to-date information on tax scams, always refer to the official IRS Dirty Dozen page.

By familiarizing yourself with these scams, you’re taking a crucial step in protecting your business. In the next section, we’ll explore the digital threat landscape, focusing on phishing and smishing attacks.

Phishing and Smishing: The Digital Threat Landscape
In the digital age, phishing and smishing have become increasingly sophisticated tools in the scammer’s arsenal. As a small business owner, understanding these threats is crucial for protecting your company’s sensitive information and financial assets.

Definitions and Explanations

Phishing: Phishing is a cybercrime where attackers disguise themselves as legitimate institutions to lure individuals into providing sensitive data such as personally identifiable information, banking details, or passwords.

Smishing: Smishing, a portmanteau of “SMS” and “phishing,” is a form of phishing that uses text messages as the attack vector. Criminals send text messages to trick individuals into clicking malicious links or providing sensitive information.

Common Tactics Used in These Scams

  1. Spoofed Sender Information: Scammers often use email spoofing techniques to make their messages appear to come from legitimate IRS email addresses.
  2. Urgent Language: Messages typically create a sense of urgency, pushing recipients to act quickly without thinking.
  3. Threatening Consequences: Scammers may threaten legal action, fines, or account suspension to scare victims into compliance.
  4. Fake Websites: Phishing emails often contain links to convincing but fake websites designed to steal login credentials or personal information.
  5. Malicious Attachments: Some phishing emails include attachments that, when opened, install malware on the victim’s device.

Examples of IRS-Related Phishing and Smishing Scams

1. Tax Refund Phishing:

From: irs.refunds@irs.gov.com

Subject: Your Tax Refund is Ready

Dear Taxpayer,

We have calculated your tax refund and it is ready for claim. Click the link below to verify your information and receive your refund:

[Malicious Link]

This link will expire in 24 hours. Act now to avoid delays.

Internal Revenue Service

2. Smishing Tax Scam:

 IRS Alert: Your tax return has been rejected. To avoid penalties, update your information immediately: [Malicious Link]

Risks Involved in Clicking Suspicious Links

Clicking on links in phishing or smishing attempts can lead to several severe consequences:

  1. Malware Installation: Malicious links may download viruses, ransomware, or other harmful software onto your device.
  2. Data Theft: Fake websites can capture any information you enter, including passwords and financial data.
  3. Account Takeover: Criminals can gain access to your accounts, potentially leading to financial loss or identity theft.
  4. Business Network Compromise: In a business setting, one compromised device can potentially expose the entire company network.

Statistics on Phishing and Smishing

According to recent reports:

  • Phishing attempts increased by 61% in 2022 (Source: APWG)
  • 96% of phishing attacks arrive by email (Source: Verizon DBIR)
  • Smishing attacks grew by 328% in 2020 (Source: Proofpoint)

Protection Strategies

To safeguard your business against phishing and smishing attacks:

  1. Implement Email Filtering: Use robust spam filters and anti-phishing tools.
  2. Educate Employees: Conduct regular training sessions on identifying and reporting suspicious messages.
  3. Use Multi-Factor Authentication: This adds an extra layer of security even if credentials are compromised.
  4. Keep Software Updated: Ensure all systems and applications are patched and up-to-date.
  5. Verify Independently: Always verify requests for sensitive information by contacting the purported sender through official channels.
  6. Use Official Apps: For mobile devices, use official IRS apps available on trusted app stores.

For more comprehensive guidance on protecting your business from phishing attacks, visit the Cybersecurity & Infrastructure Security Agency’s Anti-Phishing page.

By understanding the tactics used in phishing and smishing scams, you can better protect your business from these digital threats. In the next section, we’ll explore the red flags that can help you identify potential IRS scams.

Red Flags: How to Identify an IRS Scam


Recognizing the warning signs of an IRS scam is crucial for protecting your business. Here are the key red flags to watch out for:

  1. Unsolicited Contact from the “IRS”
    • The IRS typically initiates contact through regular mail, not phone, email, or text.
    • Be wary of any unexpected communication claiming to be from the IRS.
  2. Pre-recorded Voicemails
    • The IRS does not leave pre-recorded, urgent messages asking for a call back.
    • Scammers often use robocalls to cast a wide net.
  3. Threats of Fines or Criminal Prosecution
    • The IRS will not threaten immediate arrest or legal action over the phone.
    • Legitimate tax issues involve a lengthy process with multiple opportunities to appeal.
  4. Requests for Specific Payment Methods
    • The IRS never demands payment via gift cards, wire transfers, or cryptocurrency.
    • Be suspicious of any request for payment through these methods.
  5. Demands for Sensitive Personal or Financial Information
    • The IRS already has your basic information and won’t ask for it over phone or email.
    • Never provide sensitive data in response to an unsolicited communication.
  6. Use of Forms Not Found on the IRS Website
    • All legitimate IRS forms are available on the official IRS website.
    • Be cautious of any unfamiliar forms or those with slight modifications.
  7. Lack of Proper IRS Agent Identification
    • Legitimate IRS agents must provide their credentials upon request.
    • They should be able to provide a badge number and an HSPD-12 card.

What the Real IRS Will Never Do

Understanding the IRS’s standard practices can help you spot scams. The IRS will never:

  1. Initiate contact via phone, email, or text message
    • First contact is always made through official correspondence sent via U.S. mail.
  2. Demand immediate payment without prior written notice
    • You will always receive a bill in the mail before any payment request.
  3. Threaten immediate law enforcement action
    • Legal processes for tax issues are lengthy and involve multiple steps.
  4. Request payments to third parties
    • All tax payments should be made to the U.S. Treasury.
  5. Ask for credit or debit card numbers over the phone
    • The IRS does not collect payment information this way.

How to Protect Yourself from IRS Scams

Implement these strategies to safeguard your business:

  1. File taxes early
    • This reduces the window of opportunity for scammers to file fraudulent returns in your name.
  2. Verify the legitimacy of IRS communications
    • Contact the IRS directly using official numbers or websites to confirm any communication.
  3. Secure your Social Security number and other sensitive information
    • Use strong, unique passwords and enable two-factor authentication where possible.
  4. Ignore unsolicited communications
    • Do not respond to unexpected calls, texts, or emails claiming to be from the IRS.
  5. Monitor your credit score and financial accounts
    • Regularly check for any suspicious activity.
  6. Vet tax professionals thoroughly
    • Use only reputable, licensed tax preparers.
  7. Use digital security tools
    • Employ antivirus software, VPNs, and safe browsing tools.
  8. Scan the Dark Web for leaked personal information
    • Consider using services that monitor the dark web for your personal data.

What to Do If You’ve Been Targeted by an IRS Scam

If you suspect you’ve been targeted:

  1. Contact financial institutions and place a credit freeze
    • Alert your bank and credit card companies immediately.
  2. Change passwords and enable two-factor authentication
    • Secure all your accounts, especially those with sensitive information.
  3. Report the incident to proper authorities
    • File a report with the Treasury Inspector General for Tax Administration (TIGTA) at www.tigta.gov.
    • Report the scam to the Federal Trade Commission at ftc.gov/complaint.
  4. Monitor your sensitive information for signs of fraud
    • Keep a close eye on your credit reports and financial statements.
  5. Consider using identity theft protection services
    • These services can provide ongoing monitoring and alerts.

Reporting IRS Scams: Help Stop Fraud

Reporting scams helps authorities combat fraud:

  1. Report phishing and smishing attempts
    • Forward suspicious emails to phishing@irs.gov.
    • Forward suspicious text messages to 7726 (SPAM).
  2. Report abusive tax schemes and preparers
    • Use Form 14242 to report suspected abusive tax promotions or preparers.
  3. Utilize the IRS Whistleblower program
    • Report large-scale tax fraud for potential monetary rewards.

Resources for Protection and Further Information

For more information and resources:

Conclusion: Staying Vigilant Against the “IRS Scam Tax”

As a small business owner, protecting yourself and your company from IRS scams is an ongoing process. The landscape of tax-related fraud is constantly evolving, with scammers developing new tactics to exploit unsuspecting victims. By staying informed about the latest scam techniques, implementing robust security measures, and fostering a culture of vigilance within your organization, you can significantly reduce the risk of falling prey to these fraudulent schemes.

Remember, the real IRS will never initiate contact through phone calls, emails, or text messages regarding tax issues. They will always send official correspondence via U.S. mail first. If you receive any suspicious communication claiming to be from the IRS, take a moment to verify its authenticity through official channels before responding or taking any action.

Key takeaways to protect your business:

  1. Stay informed about the latest IRS scams and tactics.
  2. Educate your employees on recognizing and reporting potential scams.
  3. Implement strong security measures to protect sensitive business and personal information.
  4. Verify all tax-related communications directly with the IRS.
  5. Report any suspected scams to the appropriate authorities.

By following these guidelines and remaining vigilant, you can help protect your business from the financial and reputational damage that can result from falling victim to an IRS scam. Remember, when it comes to your taxes and financial information, it’s always better to err on the side of caution. If something seems suspicious, trust your instincts and take the time to verify its legitimacy.

Protecting your business from IRS scams is not just about safeguarding your finances; it’s about preserving the integrity and reputation of your company. By staying informed and proactive, you can ensure that your business remains secure and focused on growth, rather than becoming another statistic in the world of tax-related fraud.

Tags :
Share :

administrator

    Leave a Reply

    Your email address will not be published. Required fields are marked *