New IRS Dirty Dozen is full of coronavirus

July 20, 2020 9:00 AM

Just what we need in the endless grip of pandemic: new tax scams.

This year’s IRS Dirty Dozen list includes rip-offs that sprang up like toadstools to prey on filing and economic relief efforts like Economic Impact Payments, but while some are now, others are evil twists on established scammy ideas.

1. Playing on fear

E-mail symbol printed on a piece of paper hooked on a fishing hook. Phishing and data protection concept.

Ivelin Radkov/Ivelin Radkov - Fotolia

IRS Criminal Investigation reports a tremendous increase in phishing schemes using keywords such as “coronavirus,” “COVID-19” and “Stimulus.” Most of these schemes are playing on the fear of the virus and the worries about stimulus payments, and are blasted to large numbers of people to net personal identity information or financial account details.

2. Give and it hurts

The pandemic is custom-built for crooks to set up fake charities to steal from the good-hearted. Fraudulent schemes normally start with unsolicited contact. Bogus websites use names resembling those of legitimate charities — and crooks might even claim to be working for the IRS to help victims file casualty loss claims and get tax refunds. (Remember: Legit charities won’t hesitate to give their Federal Employer Identification Number.)

3. A familiar voice

Phone scams (a.k.a. “vishing” or voice phishing) include those threatening arrest, deportation or license revocation. These calls, reported year-round, often take the form of a robocall. The IRS will never demand immediate payment, threaten a taxpayer, ask for financial information over the phone, or call about an unexpected refund or Economic Impact Payment.

4. Anti-social

Social media enables anyone to share information with anyone else on the internet — and scammers use that information as ammunition for a wide variety of scams especially in times of disaster like a pandemic. (Social media scams have also led to tax-related identity theft.) The basic element of social media scams is convincing a potential victim they’re dealing with a trusted person close to them.

5. Negative impact

Rentnerin

Alexander Paul Thomass/Anke Thomass - stock.adobe.com

The IRS has made great strides against refund fraud and theft but they remain an ongoing threat. Criminals this year also turned their attention to stealing Economic Impact Payments. The IRS recently warned nursing homes and other care facilities that EIPs generally belong to the recipients, not the organizations providing the care. These payments also don’t count as a resource for determining eligibility for Medicaid and other federal programs.

6. New avenue for scammers

Seniors are more likely to be targeted and victimized by scammers than other segments of society. Older Americans are becoming more comfortable with such evolving technologies as social media — but that’s just given crooks another means of taking advantage. Phishing scams linked to coronavirus were a special threat this season.

7. Language barriers

IRS impersonators and other scammers also target groups with limited English proficiency. Often threatening, these scams also target those potentially receiving an EIP and request personal or financial information from the taxpayer. These con artists may have some of the taxpayer’s information, and a common approach remains the IRS impersonation scam where a taxpayer receives a telephone call threatening jail time, deportation or revocation of a driver’s license from someone claiming to be with the IRS.

8. Boo!

Dishonest tax preparers pop up every filing season committing fraud, harming innocent taxpayers or talking taxpayers into doing illegal things they regret later. With many tax pros impacted by COVID-19 and their offices potentially closed, taxpayers should take particular care in selecting a credible preparer. Especially dangerous again this season: “ghost” preparers who don’t sign the returns. Unscrupulous preparers may also target those without a filing requirement and may or may not be due a refund, promising inflated refunds or charging a percentage of the refund.

9. Accept no compromise

Misleading tax-debt resolution companies often exaggerate chances to settle tax debts for “pennies on the dollar” through an offer in compromise. In FY19, there were 54,000 OICs submitted to the IRS; the agency accepted 18,000 of them. But unscrupulous OIC “mills” oversell the program, casting a wide net for taxpayers, charging them pricey fees and churning out applications for an offer that often hasn’t got a chance.

10. Card tricks

A con artist steals a taxpayer’s personal data, files a bogus return and has the refund deposited into the taxpayer’s bank account. Once the direct deposit hits the account, the fraudster calls the taxpayer posing as an IRS employee. The taxpayer is told there’s been a bank error not in their favor and that the IRS wants the money back immediately or penalties and interest will result. The taxpayer is told to buy specific gift cards for the amount of the refund.

11. Payroll payoffs

Tax professionals, employers and taxpayers need to be on guard against phishing designed to steal W-2s and other tax information (a.k.a. business email compromise or business email spoofing). This is particularly true with many businesses closed and their employees working from home. In one scam, a compromised email account is often used to send a request to purchase gift cards in various denominations. In another, the fraudster may have access to the victim’s email account (also known as an email account compromise, or EAC) to impersonate the victim to have the organization change the employee’s direct deposit information to reroute to an account the fraudster controls.

12. Hiya ransom

Keyboard equipped with a red ransomware dollar button.

tonsnoei - Fotolia

Ransomware to infect a potential victim’s computer, network or server is a growing cybercrime. This invasive software is often inadvertently downloaded by the user. Once downloaded, it tracks keystrokes and other computer activity, finding and locking critical or sensitive data with its own encryption. Victims generally aren’t aware of the attack until they try to access data or they receive a ransom request in a pop-up window. Cybercriminals might use a phishing email to trick a victim into opening a link or attachment containing the ransomware; these may include email solicitations for fake COVID-19 charities.