2021—Year of the Tax Scam

by Social-Engineer on March 15, 2021

It’s that time of year again, tax season! The inevitability of taxes brings along another inevitability, tax-related scams. Attackers are always changing and adapting. Every year their methods grow in variety, complexity, and boldness. They are always ready to hop onto the newest trends and exploit the latest technology to find the quickest route to steal your identity and money.

What to Expect

You wake up in the morning, and its tax season! But you just haven’t had time to get to it yet. On your phone, you see a voicemail notification, so you listen to it. As you hear the message, your face goes pale and your heart races… even before your first sip of coffee. An automated message is threatening to cancel your social security number, call the police, and have you arrested! To avoid these actions all you have to do is call a specific number and use a prepaid debit card to get this all cleared up.

Later the same day, you receive a text message.It is from an unfamiliar number and claims to be from your favorite tax software. The message states you can receive a tax bonus by clicking the link shown and then filling out an online form. Or the text message is claiming to be from the IRS (Internal Revenue Service), letting you know there is a $1200 Economic Impact Payment check waiting for you, just follow THIS link and fill out the form to receive it.

Then at work, while checking your email, you have an email from the IRS! @IRSonline.com.” There is even an attachment named “Tax Transcripts” you need to review.

What to Do

These three examples are just a sample of the scams attackers are using to target every one of us right now. There are scams for people who have already submitted their tax returns, and there are scams for people who have not. Nowadays, there are even scams for people who use software to file from home AND scams for people who use tax return agencies. Either way, tax season is a time for the attackers to take advantage of people. So what can you do?

Keep informed

This is not the only blog or article about tax scams, and it is not the first time we’ve written about it. Being aware of the threats out there can help keep you safe. The linked IRS web-page has a list of common scams and articles about each one. They are all equally important. Review the articles and keep yourself informed.

Think before you click

Do not click on any links when are not certain of their origin or identity. Do not click on links from addresses you do not know. If you are unsure of the genuineness of a link, you can check it. Google has a handy little tool where you can paste links into it to check their credibility.

Remember

The IRS website states: “The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information.”

Do not call back

If you receive a threatening call, robotic or otherwise, do NOT call back. By doing so, you let the scammers know you are emotionally invested in, and willing to spend the time on, their scheme. So, they will more likely continue their attacks.  Instead, you can look up the official number for any agency they claim to be. Contact the agency directly using the official number, if you are concerned about any of the messages you have received.

Report the scam

If you identify a scam, a phishing email, or other form of tax or identity fraud, report it! Doing so can potentially shut down an avenue of attack, protecting others, and/or your company (if your company blocks attacks coming from those addresses). The IRS has a chart with helpful links on several ways to report fraudulent activity.

Tell Your Family, Tell Your Friends, Tell Your Colleagues

One of the most effective defenses against scams is knowledge. By sharing what you’ve learned here and through your research, you are creating your own little security advocacy group. Encourage those around you to do the same. Work together to keep each other safe, and informed. Stay safe this tax season. Be vigilant, as we work together to keep the scammers and attackers at bay.

Sources:
https://faq.ssa.gov/en-us/Topic/article/KA-10018
https://www.irs.gov/newsroom/irs-warns-people-about-a-covid-related-text-message-scam
https://www.usa.gov/irs-scams#item-214333
https://www.social-engineer.org/general-blog/lookout-for-tax-scams/
https://www.irs.gov/newsroom/tax-scams-consumer-alerts
https://transparencyreport.google.com/safe-browsing/search
https://www.irs.gov/
https://www.irs.gov/individuals/how-do-you-report-suspected-tax-fraud-activity