New client, BOI scams proliferating as tax season 2024 begins
Friday, January 19, 2024
A new tax season also brings the resurgences of tax scams.
The Internal Revenue Service and its Security Summit partners earlier this month alerted tax professionals to watch out for a new round of filing season-related email schemes where cybercriminals pose as potential clients.
Now FinCEN, the Treasury Department bureau that focuses on financial crimes, notably money laundering and terrorism, reports that there have been fraudulent attempts to obtain information from individuals and entities who may have to comply with new Corporate Transparency Act reporting requirements.
Here's a look at these two schemes popping up as we start a new year and tax filing season.
New tax client scam: New client scams are perennials, and the IRS says it started getting reports of the 2024 version as soon as the calendar page flipped to January. But it's worthwhile to remind tax professionals, both veterans and those who are new to the business, of this scheme.
Identity thieves target accounting groups and tax preparation firms with unsolicited fake emails in which they impersonate real taxpayers seeking help with their taxes. What they really are trying to get is any information from tax pros that could help the emailing crooks gain access to their targets' client data.
The IRS shared the following example of a current new client scam that's been reported.
Subject: 2024 Tax Submission
Hello,
My name is (name can vary), I am searching for another CPA to help handle my taxes.
Is it safe to say that you are accepting new clients for the 2024 tax season? Do you additionally assist with IRS representation?
I figured I may have an issue with last year's return. (Click) HERE TO VIEW MY CREDENTIAL [Link to a phishing web address]
Upon your approval, we can arrange a physical or virtual meeting to discuss my situation and also provide my tax documents amongst others.
Kindly prompt how you plan to push ahead.
Best Regards,
(Name varies)
When a tax pro responds to the initial fraudulent email, the scammer sends a second email that has a link or attachment that is presented as the potential new client's tax information or access to a site with that data.
However, that link or attachment is a way the cybercriminals collect the preparer's email address, password, and possibly other information. It also could be a way for the crook to load malware onto the tax pro's computer to gain access to the firm's database.
Phishing red flags: The IRS warns that some new client phishing emails may appear to come from a legitimate sender or organization, perhaps even a friend or colleague, because that friend or colleague had their email account credentials stolen.
When the email purportedly comes from an organization, verify that by using another communication method. Call a number you independently know to be accurate, not the number provided in the email or text.
When a personal recommendation is cited in the email, don't accept that at face value. Touch base with the person you do know to confirm that they indeed suggested the emailer contact you.
Also be alert to common phishing email red flags. These include awkwardly phrased sentences, odd word usage, and grammatical or spelling mistakes.
If you get a new tax client scam email, forward it, including the full email headers, to the IRS at [email protected]. If you incur any monetary losses due to an IRS-related scam incident, report it to the Treasury Inspector General Administration (TIGTA), Federal Trade Commission, and the Internet Crime Complaint Center. Also consider forwarding the email to your internet service provider's abuse department.
Beneficial ownership report scam: A new business reporting law as part of the Corporate Transparency Act took effect on Jan. 1. This beneficial ownership information, or BOI, reporting requirement was created to help U.S. officials stop bad actors from hiding ill-gotten gains through shell companies or other opaque ownership structures.
The BOI requirement also is now the newest scam vehicle.
If you're reading this on a small device, the alert reads:
FinCEN has been notified of recent fraudulent attempts to solicit information from individuals and entities who may be subject to reporting requirements under the Corporate Transparency Act. The fraudulent correspondence may be titled "Important Compliance Notice" and asks the recipient to click on a URL or to scan a QR code. Those e-mails or letters are fraudulent. FinCEN does not send unsolicited requests. Please do not respond to these fraudulent messages, or click on any links or scan any QR codes within them.
Tax Felon Friday: Whenever you get any unsolicited email, be cautious.
Some are innocent. Others are errors. But too many are unscrupulous efforts, like the two scams featured here, to steal tax and other personal and financial information.
Tax pros and individual taxpayers are likely to seem at least some of the criminal versions or emails during this (and future) filing seasons. So, the new-client and BOI scams get this week's Tax Felon Friday spotlight.
You can catch up on previous tax crime posts, including those that were published long before I gave them a special designation, in the, what else, tax crimes category. You'll find this post at the top of that collection right now, so just scroll down for more.
And new this new year, you also can find my Tax Felon Friday specific posts in the ol' blog's new page titled, what else, Tax Felon Friday.
You also might find these items of interest:
- How to report tax scams and fraud
- IRS welcomes voluntary disclosure of dubious ERC claims
- New IRS document provides written tax data security plan guidance
- Watch for these data theft red flags, by tax and other financial crooks
Advertisements
🌟 Search Amazon Electronics 🌟
The text link above is an affiliate ad. If you click through and then buy a product, I receive a commission.
Comments