Tesla buyers' tax break will be reduced in 2019 — if the federal tax credit is continued
5 ways to determine whether a charity is naughty or nice

Tax pros are targets of fake payroll direct deposit, wire transfer email ID theft scams

The-Grinch-Movie-2018-Promo-Art-Benedict-CumberbatchDr. Seuss' The Grinch movie image courtesy Illumination Entertainment

Grinches aren't always green. Sometimes we don't even know what they look like.

That's the case when they set their sights on stealing not only Christmas, but your identity by sending fake emails.

This holiday season, ID thieves have stepped up their phishing efforts. And some of those fake emails are going to tax professionals as part of payroll direct deposit and wire transfer scams.

Tax pros targeted, too: Phishing scams tend to be small-d democratic. The business email compromise and/or spoofing tactics generally target all types of industry and employers.

This year, however, the Internal Revenue Service and its Security Summit partners say they've seen an uptick in this latest spate of phishing among tax preparers.

The IRS, state revenue departments and the tax community are concerned that these email identity theft efforts — as well as the Form W-2 scam that was first reported earlier this year and is still around — could increase as the 2019 tax season approaches.

Fake direct deposit accounts: These emails generally impersonate a company employee, often an executive, and are sent to payroll or human resources personnel.

The email from the supposed employee asks the payroll or human resource staff to change his or her direct deposit for payroll purposes. The fake worker provides a new bank account and routing number, but it is actually controlled by the sending identity thief.

Below is an example of the direct deposit change email scam, edited by the IRS, recently reported by tax professionals to the tax agency:

Sent: Monday, December 10, 2018 [REMOVED]
Subject: (no subject)

Hello [REMOVED],

I changed my bank and I will like my paycheck DD details changed. Do you think this change be effective for the next pay date?


Sent from my iPhone

This scam is usually discovered pretty quickly, but not before the victim has lost one or two payroll deposits.

Fake executive request: In another version, the criminal emailer impersonates a company executive and sends the message to the employee within the business who is responsible for wire transfers.

This fake email requests that a wire transfer be made to a specific account that is controlled by the thief.

The wire transfer scam (IRS-edited example below) is similar to the direct deposit scam:

Date: 12/10/18 [REMOVED]
Subject: ACH Payment Attention


Please confirm the receipt of my message, Authorized can you handle domestic transfer payment now? 

Thanks you.

Sent from my iPhone

Companies that fall victim to this scam can lose tens of thousands of dollars.

Be vigilant: The IRS warns all businesses to be alert to these and other email scams, which can take many forms.

Among the phishing scams the Security Summit has seen are fake invoice payments, title escrow payments and wire transfers. All are designed to result in a quick payoff for the thief, which means a major cost to the scammed companies and employees.

One easy and immediate step is to pay attention to all your emails. When they have to do with finances, be suspicious when they include grammatical and spelling mistakes.

Reporting tax ID theft attempts: If you do get one of these phishing emails, forwarded it to Internal Crime Complaint Center (IC3), which is monitored by the Federal Bureau of Investigation. The public can file a complaint about email scams or other internet-related scams by going to www.ic3.gov.

Tax professionals and others who get such emails also should report tax-related phishing attempts to [email protected]. This account is monitored by IRS cybersecurity professionals. This reporting process also enables the IRS and Security Summit partners to identify trends and issue warnings.

The IRS also has set up a special scam reporting process for companies that have been or are target of the W-2 scam. Forward this scam email to [email protected]. Employers who've been victimized can follow the process detailed at Form W-2/SSN Data Theft: Information for Businesses and Payroll Service Providers.

And if your business received the W-2 scam email but did not fall victim, good for y'all! The IRS wants to know that too, so forward the email to [email protected].

Follow your instincts and these anti-phishing tips to keep your personal or company bank accounts from becoming two sizes too small due to Grinchy identity theft scams.

You also might find these items of interest:





Feed You can follow this conversation by subscribing to the comment feed for this post.


So you are basically saying that a stupid person can fall for an impersonated IRS phone call, E-mail and ask one to directly transfer their payrolls using some unidentified bank account or to a third party country. Well, if anyone falls for this kind of stupidity then they deserve to be ripped. However, you have not pointed out some major aspects that contributes to the success of these agendas. One of the main reasons why you could actually believe that the fake call or message you get is from an IRS agent is because they can use fake identification cards and identify themselves as a legitimate resident and officer on their behalf. One of my employee showed me his fake identity card last wee and he is not even 21 yet. He is from NC and has this North Carolina Fake ID Card and uses it for his drinking habits in bars and restaurants. Well, that means anyone can get one online and can certainly pose themselves as some one else over phone.

The comments to this entry are closed.