Tax subsidies for sports facilities under fire again
California, U.S. territory taxpayers get disaster tax relief

Friday the 13th alert: Beware these 13 tax ID theft scams

If Halloween isn't scary enough for you, this October also has a Friday the 13th, which if you haven't looked at a calendar yet, is today.

Friday 13th giphy

It's a terrible day if you're superstitious or suffer from paraskevidekatriaphobia. And making things even more frightening, the Internal Revenue Service has some terrifying news about tax scams.

This week alone, the IRS has issued two warnings about tax-related identity theft schemes.

First was the phishing attempt to hook tax pros by using the agency's e-Services as bait.

Now there's a fake insurance tax form scam that's being used to access annuity and life insurance accounts. The IRS says this criminal scheme also targets tax professionals and their clients.

Fake insurance phishing: There may be variations of the insurance scam, says the IRS, but details below show how one scam version works.

The cybercriminal, impersonating a legitimate cloud-based storage provider, entices a tax professional with a phishing email. The tax professional, thinking they are interacting with the legitimate cloud-based storage provider, provides their email credentials including username and password.

With access to the tax professional's account, the cybercriminal steals client email addresses. The cybercriminal then impersonates the tax professional and sends emails to their clients, attaching a fake IRS insurance form and requesting that the form be completed and returned.

The cybercriminal receives replies by fax and/or by an email very similar to the tax professional's email, using a different email service provider or a slight variation of the tax pro's address.

As for the email itself, the IRS says the subject line varies, but it may be "urgent information" or a similar request.

Here's an example of the awkwardly worded text in the body of the email:

Dear Life Insurance Policy Owner,

Kindly fill the form attached for your Life insurance or Annuity contract details and fax back to us for processing in order to avoid multiple (sic) tax bill (sic).

The cybercriminal, using data from the completed form, impersonates the client and contacts the individual's insurance company. The crook then attempts to obtain a loan or make a withdrawal from those accounts

13 scary tax scams: With this recent rash of identity theft scams, it seems only fitting on this Friday the 13th to review some of criminal efforts that have recently made the rounds. Of course, it numbers 13.

  1. Fake insurance letter email
  2. e-Services phishing scam
  3. Fake charities in the wake of Hurricane Harvey
  4. Friday the 13th black cat_Little Gothic Horrors via PinterestPhishing scam from crooks impersonating tax software companies
  5. Cons pose as fake IRS agents calling to 'verify' filers' tax return information
  6. Tax telephone scam script rewritten to include mentions of fake IRS certified letters, EFTPS option
  7. Fake CEO phishing tax scam is back
  8. Phishing criminals pose as potential tax clients to infiltrate tax preparers' systems
  9. Tax pros targeted in 'mail on hold' e-services phishing scam
  10. Telephone tax scam targets students with fake 'federal student tax' call
  11. Look out for smishing tax identity thieves
  12. Tax phishing scam artists pretend to be members of Taxpayer Advocacy Panel
  13. Fake IRS agent telephone scam continues despite alleged mastermind's arrest

Fighting off bad tax spirits (and scams): If you get any of these scam or phishing contacts — or new versions that no doubt will soon pop up — the IRS (and I) remind you of three things not to do:

  • Never give out personal or financial information to unknown, unsolicited callers.
  • Don't reply to questionable emails from unknown, unsolicited message senders.
  • Don't click on links or open attachments in suspicious emails.

And here are three things to do if you're ever targeted by a tax identity thief con artist:

  • Contact the Treasury Inspector General for Tax Administration (TIGTA) to report telephone tax scam calls. Use TIGTA's IRS Impersonation Scam Reporting web page or call toll-free (800) 366-4484.
  • Report scam attempts to the Federal Trade Commission (FTC). Use the online FTC Complaint Assistant on FTC.gov.
  • Send a copies of phishing emails to the IRS at phishing@irs.gov.

Finally, be skeptical and trust your gut. If something seems off, step back and investigate.

"These scams evolve over time and adjust to reflect events in the news, but they all typically are variations on a familiar theme," said IRS Commissioner John Koskinen. "Recognizing these schemes and taking some simple steps can protect taxpayers against these con artists."

Call the IRS yourself and find out if the message or call you got is correct or a criminal trying to take your info to file a fake return to collect a fraudulent refund.

Remember, tax scams don't die. Like Halloween (and TV and movie) zombies, they just keep coming back in new forms in search of more identity theft victims.

Remember, too, that tax crook goblins and ID theft ghouls are out there year-round, not just in Halloween's host month of October.

Advertisement

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)