The Legal Examiner The Legal Examiner The Legal Examiner search feed instagram google-plus avvo phone envelope checkmark mail-reply spinner error close
Skip to main content
John Bair
| Milestone Consulting, LLC

Every year, the Internal Revenue Service (IRS) discovers an innovative tax scam that threatens the identify and security of tax filers. This year, the new filing scam is so sneaky, the IRS is urging tax professionals to step up security and watch out for phishing emails that can secretly download malicious software.

catching financial scams

Online thieves have been stealing information for years so they can obtain fraudulent tax returns. But diligent efforts against identity theft force cybercriminals to continue to evolve their tactics to steal client data.

As a result, there is a new twist this year. In a few cases, fraudulent returns use taxpayers’ real bank accounts for the deposit. A woman claiming she is from a debt collection agency then contacts the taxpayers to say a refund was deposited in error, and she asks the taxpayers to forward the money to her, according to a press release by the IRS.

How to Protect Yourself and Report Theft

It’s important to note that the vast majority of data thefts occur because someone opened a phishing email and clicked on a link or attachment that contained malware. Some malware can then download secretly into a computer and allow thieves to see each keystroke or obtain remote access to computers.

For tax professionals, the IRS recommends the following steps:

  • Educate employees about phishing.
  • Use strong, unique passwords.
  • Never take an email from a familiar source at face value. Visit the IRS website for confirmation that the message is real.
  • If an email contains a link, hover the cursor over the link to see the URL destination. If it’s not a URL you recognize or if it’s an abbreviated URL, don’t open it.
  • Consider a verbal confirmation by phone if you receive an email from a new client.
  • Use security software to help defend against malware, viruses and phishing.
  • Use the security options that come with tax preparation software.
  • Send suspicious tax-related phishing emails to

For taxpayers, the key is to be alert to any unusual activity such as receiving a tax transcript or tax refund they did not request. Anyone who receives a direct deposit refund they did not request should take the following steps:

  1. Contact the Automated Clearing House department of the bank/financial institution where the direct deposit was received and have them return the refund to the IRS.
  2. Call the IRS toll-free at 800-829-1040 (for individuals) or 800-829-4933 (for businesses) to explain why the direct deposit is being returned.
  3. Keep in mind interest may accrue on the erroneous refund.

There is an official procedure for taxpayers to report theft to the IRS. The first step is to contact your state’s IRS Stakeholder Liaison, who will notify appropriate IRS officials. When notified immediately, the IRS can to help protect you from identity theft.

Cybercriminals are successful when people fail to act diligently to protect themselves. By taking the necessary precautions, you can help avoid falling victim to a tax scam.

Comments are closed.