You answer the phone or get an urgent voicemail from the Internal Revenue Service.
The agent claims to have mailed you certified letters saying you owe money to the government and threatens to have you arrested or even deported before demanding immediate payment.
No compatible source was found for this media.
They tell you to pay by prepaid debit card, wire transfer or gift card that will go through the IRS Electronic Federal Tax Payment System. They ask for your Social Security number, bank account and PIN numbers or other sensitive information that will quickly clear up the matter.
It all sounds very official and convincing, but it is a common phone scam called voice phishing. And it is very successful.
“Vishing,” as it is known, is a variation on email phishing scams that swindle people out of their hard-earned money and steal identities.
If this happens to you, hang up. The IRS will never contact you by phone or email, or threaten arrest. Call the IRS at 800-829-1040 with questions.
The Dirty Dozen
That tax scam is at the top of the IRS’ Dirty Dozen list, an annual compilation of the worst schemes used by criminals.
Another involves unscrupulous tax return preparers promising huge tax refunds. The fraudsters advertise cheap tax prep and set up phony storefronts to attract victims. They then file false returns in clients’ names.
Cyber criminals work overtime trying to rip you off leading up to the April 15 filing deadline, but scams are a lucrative, year-round business.
Florida once again is the scam capital of the country, according to a new Federal Trade Commission report. With nearly 3 million consumer complaints made to the agency in 2018, the Sunshine State ranked No. 1 for fraud and No. 4 for identity theft. In a twist, tricksters were most successful scamming millennials. Forty-three percent of adults ages 20 to 29 reported being bilked out of an average of $400. About 15 percent of senior citizens in their 70s reported fraud, losing an average of $750. Those 80 and older lost the most, about $1,700.
Thieves filch billions from unsuspecting prey each year.
I checked in with Kelvin Coleman, executive director of the National Cyber Security Alliance, a nonprofit working for a safer internet, to find out what’s new in the charming world of sucker games. The Alliance this week released an alert on tax scams at StaySafeOnline.org.
“There aren’t really any new scams,” Coleman says. “There are just variations of old scams. Phishing is still a very effective way to gain access to individuals’ info through unsolicited emails.”
Cyber criminals now go high tech, using artificial intelligence and “botnets,” which is a network of linked computers that send out billions of phony emails to swindle funds from young and old alike, Coleman says.
“This malicious content ensnares unsuspecting victims who click on the emails, which allows [the crooks] to automatically download malware on their computers. You don’t see it or notice it.”
His advice is simple and 100 percent effective: “When in doubt, throw it out.” Don’t open emails from senders you don’t recognize and don’t click any links or attachments. Delete them and empty the trash.
That also underscores the importance of using good antivirus programs to protect yourself against malware. Coleman also recommends making sure your machine is patched and clean. Find free security checkups and tools listed on StaySafeOnline.org at the bottom of the homepage. Also, do regular software updates, which are critical to keeping your computer and identity secure.
Coleman warns about using public networks that are not secure. “Don’t do personal banking business or financial transaction on public Wi-Fi. That’s how scammers gain access to your computer. You’re vulnerable because someone with expertise can get into the backdoor of that Wi-Fi while you are using it. Instead, do those transactions on secure networks [one with a password] or at home.”
Tax professionals are also ripe targets for scammers because of the treasure-trove of information they keep.
Coleman recommends asking your tax preparer how they secure your information. “Ask what their defenses are. You don’t have to get technical. If you get a thorough explanation, you’re likely good to go.”
I also asked Dr. Yair Levy, professor of cybersecurity and information systems at Nova Southeastern University’s College of Engineering and Computing, to share a few tips. He’s also a member of the U.S. Secret Service’s Miami Electronic Crimes Task Force and a board member and education sector chief of the FBI’s InfraGard.
“When you deal with financial institutions or accountants, make sure information is encrypted,” Levy says. “Don’t send your W2 to the accountant over email.” He recommends using Adobe Acrobat to secure the file and set a password. If you don’t want to buy it, you can rent it. “The file will be locked and you can forward that to your account and provide the password on a secondary communication.”
Choose a tax pro carefully. Find one on the tax agency’s directory of federal tax return preparers at IRS.gov. The database can be sorted by ZIP code and is updated weekly. Also, check credentials. Ask for the IRS Preparer Tax Identification Number (PTIN) and verify the agent is enrolled with the IRS.
Take action
If you suspect a rat, report it to the Treasury Department at Treasury.gov/tigta/contact_report_scam.shtml and the FBI Internet Crime Complaint Center at IC3.gov. and make a complaint to the FTC at ftc.gov/complaint.