Federal Tax Refund Fraud Scheme

Tuesday, February 27th, 2018

Just days into the start of the 2018 filing season, the IRS identified a new scam in which cybercriminals have stolen client data from tax professionals and filed fraudulent refunds using real taxpayer information, including bank account and routing information for Direct Deposit.

The fraudster then contacts the taxpayer posing as an employee of a debt collection agency working on behalf of the IRS. They ask the taxpayer to take certain steps to return the refund, but actually the refund goes to the criminals.

IRS guidance to taxpayers who are victims asks them to contact the Automated Clearing House (ACH) department of the bank/financial institution where the Direct Deposit was received and have them return the refund to the IRS. The IRS also asks the taxpayers to call the agency toll-free at (800) 829-1040 (individual) or (800) 829-4933 (business) to explain why the Direct Deposit is being returned.

Tax professionals should review the Security Summit’s Don’t Take the Bait campaign, which outlined the various scams used by criminals to trick practitioners.

Tax professionals are urged to seek cybersecurity experts to help better secure their data. Here’s a reminder of some basic steps tax professionals can take:

  • Educate all employees about phishing in general and spear phishing in particular.

  • Use strong, unique passwords. Better yet, use a phrase instead of a word. Use different passwords for each account. Use a mix of letters, numbers and special characters.

  • Never take an email from a familiar source at face value; example: an email from “IRS e-Services.” If it asks you to open a link or attachment, or includes a threat to close your account, think twice. Visit the e-Services website for confirmation.

  • If an email contains a link, hover your cursor over the link to see the web address (URL) destination. If it’s not a URL you recognize or if it’s an abbreviated URL, don’t open it.

  • Consider a verbal confirmation by phone if you receive an email from a new client sending you tax information or a client requesting last-minute changes to their refund destination.

  • Use security software to help defend against malware, viruses and known phishing sites and update the software automatically.

  • Use the security options that come with your tax preparation software.

  • Send suspicious tax-related phishing emails to phishing@irs.gov.

This newest scam also serves as a reminder to taxpayers that they should be alert to any unusual activity such as receiving a tax transcript or tax refund they did not request. Please review the Taxpayer Guide to Identity Theft for appropriate actions.

Taxpayers who receive a direct deposit refund that they did not request should take the following steps:

  1. Contact the Automated Clearing House (ACH) department of the bank/financial institution where the direct deposit was received and have them return the refund to the IRS.

  2. Call the IRS toll-free at 800-829-1040 (individual) or 800-829-4933 (business) to explain why the direct deposit is being returned.

  3. Keep in mind interest may accrue on the erroneous refund.

Source: www.irs.gov

Tags: , ,