The New Jersey Society of CPAs is warning residents to beware of potential charity fraud from scammers asking for donations to bogus nonprofits raising money for Ukraine relief.
While there are many legitimate charities raising funds to aid victims of the war in Ukraine, the NJCPA is urging potential donors to research charities to ensure their donations are being used to benefit Ukrainians. The first step is determining whether the charity is a Section 501(c)(3) not-for-profit organization. The IRS's
Charity Navigator and other organizations rate charities on a number of criteria, but it’s worth a careful check of their methodology to make sure you know what the ratings are based on.
The society also warns against paying with cash or a debit card, as a credit card offers greater security. After donating, people should check their accounts regularly to look for any suspicious activity or unauthorized charges. Setting up notifications through a bank or banking app will track credit card transactions and alert cardholders to account activity. Money should never be donated over the phone, links in email solicitations should not be clicked, and high-pressure tactics seeking to get donors to pay immediately are a sign of danger.
During tax season especially, many taxpayers and tax professionals could be on the receiving end of phishing emails. The federal government and cybersecurity experts are also concerned about Russian hackers carrying out cyberattacks.
“There are four kinds of hackers: state-sponsored, for profit, cause, and because I can,” said Adam Levin, former director of consumer affairs for the state of New Jersey. “The basic ways they come after you are phishing, spearphishing, vishing which is phone-based phishing, and smishing, which is tax-based phishing. The whole point is that a tax preparer is a very juicy target for these guys, especially the for-profit guys.”
Hackers and scammers can operate from the relative safety of their computers to prey on victims.
“In the old days, the way you made money was you did drug deals under street lamps in the middle of the night and you ran the risk of being killed by the people you were doing business with, or getting arrested or prosecuted, and they’d put you away,” said Levin, who wrote the cybersecurity guide "
He noted that for tax preparers, more emphasis is placed on communications supposedly from tax preparation services, from state regulatory authorities, or from the IRS.
“They would be inclined to click on a link or open an attachment because they believe it’s coming from someone who’s official,” said Levin. “The truth of the matter is that the scams are pretty much the same. However, it’s just a question of who the target is. And then the issue is did they put malware on your computer? And if they do, is it a keystroke logger so every time the tax professional logs on to their system, that information would be sent to the hacker? Or is it ransomware where they lock up your system and then they demand payment from you in an effort to get your files decrypted so you can do business again?”
Scams can come in many forms besides tax scams and charity fraud. “There are unemployment scams, job search scams, education scams, loan modification scams,” said Levin. “You think about it and there’s a scam for everything and all those scams are basically designed to get information out of people for whatever they want, and if you’re a tax preparer that’s El Dorado for a hacker.”
The NJCPA is recommending that those who believe they may be victims of a scam should contact their financial institution to put a hold on their credit card and notify the attorney general in their state, then file a complaint with the
