It's Daily Tax Tip time again!
Obamacare tax-filing tips as we wait for its repeal

Tax pros are target of new e-services phishing scam

Tax season is here. You know what that means. Tax scams are here in full force.

Even before the official 2017 filing season started, the Internal Revenue Service warned tax professionals to be on the lookout (sorry, I know that the BOLO phrase is a touchy one when it comes to the IRS) for yet another tax scam.

Phishing-fish hook on computer keyboard

This one, according to the IRS and its Security Summit partners, is a new e-mail phishing scheme aimed at tax pros that has the subject line "Mails on Hold!" It comes just two months after the crooks tried to get tax preparer data by telling them they needed to update their IRS e-services account information

In its official email newsletter to tax professionals, the IRS warns that the latest fake emails may appear to be from the IRS or e-services. They also may include references to such things as IRS personnel or PTINs (Preparer Tax Identification Numbers).

As with all suspicious emails, don't click on the links or attachments contained in these fake communications.

The IRS also asks that anyone who gets the fake mail hold email message report it to phishing@irs.gov. Also report the incident to the Federal Trade Commission and Treasury Inspector General for Tax Administration.

And if you are victimized by an e-services scam, please contact that division's help desk at (866) 255-0654 to report the crime.

Reworked email scheme: The email hold scheme targeting tax preparers seems to be a version of a scam previously aimed at colleges. In 2015 and 2016, there were reports of the email on hold phishing attempt at the Universities of Arizona, Hawaii and Chicago.

The educational institutions' email recipients were told:

"Your [University of Chicago] mailbox has exceeded the storage limit. You can not receive new messages until you update your mailbox. CLICK HERE to update."

"This is a final notification that on20 December, [University of Arizona email system] will discontinue support for Internet Explorer (IE) 8. If you choose not to update your ACCOUNT before 24 December, you'll be switched to our Basic Mail experience. You'll not be able to read and send emails, and you will no longer have access to many of the latest feature for improved conversations, contacts and attachments. Take a minute to update your ACCOUNT for a faster, safer and full-featured experience. VERIFY HERE."

"Due to database maintenance equipment that is happening in our University of Hawaii mail message center. Our University of Hawaii message center must be reset due to the large number of spam messages we receive daily in our database. The maintenance of quarantine will help us avoid this dilemma every day and with the new improved software will provides our Hushmail Email users with a secure mail system and new security system to protect our users from getting their University of Hawaii accounts being hacked. To validate your University of Hawaii Email mailbox, kindly CLICK ON THIS LINK to visit the University of Hawaii customer secure LINK specified on this email and fill out the account validation form to validate your University of Hawaii email powered account:"

Pay attention to weird wording: Yep, those messages went out with the grammatical, typographical and spelling mistakes shown above.

While we all make errors in our emails, they also are an indicator that the message could be coming from crooks.

Odd wording also is a clue, like the plural "mails" on hold, rather than just mail or email or the contraction mail's for mail is.

Whenever anything strikes you as a bit off in an email, especially one seeking personal, financial and/or tax data, pay attention to your intuition.

Go directly to the purported source through a different email you send. Or call the office that's supposedly sending the email directly.

Most of all, as the IRS advises, don't click on any link in a suspicious email or download any attachment.

Foreign based scammers: Some of the off-kilter wording often is because English is not the crooks' native language.

That's the case in most of the IRS employee impersonation calls that have created the biggest phone tax scam ever.

International law enforcement did make a dent in the scheme late last year. Indian officials raided call centers in that country where the scam originated and the U.S. Department of Justice indicted 61 people in connection with the criminal calls.

The New York Times has an interesting article in today's paper on a pair of young men who were part of the tax scam, which the paper says has cost victims $100 million since 2013.

The key to the scam's success, one of the former caller center workers said, is that "Americans fear their state. I think they actually are really afraid of their government. In India, people are not afraid of police. If anyone wants to come and arrest, they say, 'Come and arrest.' It is easy to get out of anything. But in America they are afraid. We just need to tell them, 'You are messing with the federal government,' and that is all."

Let's make 2017 the year that we stand up to that fear and to the crooks using it to steal our identities, money and tax refunds.

You also might find these items of interest:

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)