By REBECCA RUTHERFORD
For the Los Alamos Daily Post

It’s the holidays, and everything is festive and merry, but online scammers are just gearing up for another big season … tax filing time. Last week the IRS and their Security Summit Partners issued a warning to the public to stay alert against emerging scams during the upcoming filing season. They are warning the public to stay alert against a variety of scams via email, text, phone calls and even mail.

These threats are certainly present all year long, but with the approaching tax season scammers will be ramping up efforts to trick taxpayers and tax professionals.

During National Tax Security Awareness Week, currently in its eighth year, the Security Summit partnership of the IRS, state tax agencies and the nation’s tax community continue to work to raise awareness among taxpayers, tax professionals and the business community about the importance of protecting information to protect against identity and data theft. The Security Summit formed in 2015 to combat tax-related identity theft via better public-private sector coordination as well as through increasing internal protections in the tax community and raising public awareness about security threats.

“Identity thieves are relentless and use a variety of techniques. As Tax Security Awareness Week concludes, we urge people to be careful with their personal information and be wary of email and text scams,” said IRS Commissioner Danny Werfel. “With people anxious to receive the latest information about a refund or other issues during tax season, scammers will regularly pose as the IRS, a state tax agency or others in the tax industry. People should be incredibly wary about unexpected messages that can be an elaborate trap by scam artists, especially during filing season.”

Summit partners and the IRS urged taxpayers and tax professionals to be alert to fake communications posing as the IRS or State tax authorities, and other legitimate organizations in the tax and financial community. Suspicious messages can arrive in many ways, including via unsolicited text or email to lure victims to provide personal and financial information that can lead to identity theft.

These can include:

• Phishing- an email sent by scammers claiming to come from the IRS or another legitimate organization, including state tax organizations or a financial firm. The email entices the victims into the scam by a variety of lures such as a phony tax refund or trying to scare them with false legal/criminal charges for tax fraud.
• Smishing- a text or smartphone SMS message that uses the same techniques as phishing, just via text message. Scammers often use alarming language to create a sense of urgency like, “Your account has been put on hold,” or “Unusual Activity Report” with a bogus link to restore the user’s account. Unexpected tax refunds are another potential target for these messages.

• Vishing- phone call using similar techniques to phishing, usually with a sense of urgency; e.g. if you can’t make payment now legal action will be taken.

Most legitimate contacts with the IRS will be initiated through regular mail, which means taxpayers shouldn’t be getting an unexpected message by email, text, phone calls or social media regarding a bill or tax refund.

Never click on or interact with any unsolicited communication claiming to be the IRS or others because it may lead to a malware infection, or it could also be a way for malicious hackers to load ransomware that keeps the legitimate user from accessing their system and files. The scams should be reported by sending the email or a copy/screenshot of the text/SMS as an attachment to phishing@irs.gov.

The public can also report scams to the Treasury Inspector General for Tax Administration or the Internet Crime Complaint Center. The Report Phishing and Online Scams page at IRS.gov provides complete details. The Federal Communications Commission’s Smartphone Security Checker is a useful tool against mobile security threats.

The IRS also warns users to be wary of messages that appear to be from friends or family but are possibly compromised or spoofed email or text accounts from someone they know. This remains a popular way to target individuals and tax preparers for many scams. Individuals should verify the identity of the sender by using another communication method; for instance, calling a number they independently know to be accurate, not the number provided in the email or text.

Signs that you may already be the victim of a scam:

• Taxpayers receiving a tax transcript in the mail from the IRS that was not ordered.
• Taxpayers receiving an unrequested Employer Identification Number.
• Taxpayers receiving W-2’s from an unknown employer.

Taxpayers unexpectedly getting a notice or an email from a tax preparation company that is:

• Confirming access to an existing online account.
• Disabling an existing online account.
• Confirming a new online account.
• Getting a letter from the IRS during a year that the taxpayer didn’t earn income or a tax return hadn’t been filed. In this situation, it’s possible an identity thief has submitted a tax return in the honest taxpayer’s name.

In this situation, where the taxpayer didn’t earn money or file a return, the warning sign is a letter showing:

• Additional tax is owed.
• A refund was offset because of a balance due.
• Collection actions have been taken.

In general, the IRS starts with a mailed paper bill to a person who owes taxes. If a taxpayer wants to verify taxes they may owe the IRS, they should view tax account information on the IRS webpage. Never click on links in email or texts saying that money is owed to the IRS.

Stay safe online, and remember that IRS scams are incoming, and keep an eye out for signs you may have already been a victim of identity theft.

Editor’s note: Rebecca Rutherford works in information technology at Los Alamos National Laboratory.