National Tax Security Awareness Week and how it improved the 2017 Filing Season

Beginning the week of Dec. 5, 2016, the IRS rebooted its annual National Tax Security Awareness Week program. The information and advice published by the federal agency came at an opportune time, as tax filing season approached and instances of tax fraud appeared to be on the rise.   The IRS admitted that in previous years, not enough was done to educate taxpayers on the risk of tax fraud and how to identify and report scammers. Throughout the 2017 filing season, the agency and tax professionals are making a concerted effort to curb the trend of increased fraud by focusing on consumer education.  

The risk of tax fraud

As explained in a New York Times report, tax fraud is a big business for those who commit it, and the first months of the year when Americans are rushing to meet April filing deadlines are their biggest season. Studies from the Treasury Inspector General for Tax Administration estimated that between 2013 and 2016, the IRS was aware of at least 5,500 victims of similar tax scams in which around $29 million had been paid to the perpetrators. In many of these cases, victims were defrauded by someone impersonating a federal agent over the phone or via email, claiming the victim owed late taxes or fines and demanding immediate payment. As The New York Times​report explained in detail, many of these scams could be traced back to call centers in India.   The method of the IRS impersonators, according to government and media reports, is based on intimidation. The Treasury Inspector General report estimated a single caller working in one of these quasi-professional New Delhi offices would be required to make as many as 400 calls per day. They also specifically targeted elderly and immigrant households as these groups could be more likely to cave to fear or simply misunderstanding. Scammers often use brash language and threaten possible victims with federal prosecution if they don’t meet demands.   If the caller or email impersonator was able to frighten someone into taking the bait, according to The New York Times report, they would often instruct the victim to make an anonymous wire transfer or purchase prepaid gift cards worth several thousands of dollars. These payments are often difficult to trace, allowing the scammers to disappear once the victim became aware of the situation.  

Preventing tax scams

The IRS believes that the best way to avoid tax fraud is for the public to be aware of its prevalence. While scams involving impersonation via phone or email have become more common, they are far from the only method of tax fraud. Consumers could also unknowingly be at risk every time they file their taxes online, or even when making routine digital purchases.   “In the months ahead, more than 100 million tax returns will be completed on laptops and desktops by taxpayers and tax professionals, making this the perfect time to take steps to protect your valuable information,” IRS Commissioner John Koskinen said in a statement for Tax Security Awareness Week. “[W]e also encourage everyone to look out for friends and family who may not be tech savvy and may be leaving their computers vulnerable to identity thieves.”   To make this possible, taxpayers and the professionals who may assist and advise them should be aware of the essential steps involved in preventing the most common methods of tax fraud.  

Digital security

Understanding the best practices for safe internet use is important for anyone who spends any time online.   Create strong passwords One of the easiest ways for a criminal to access someone’s personal data is to guess their password. As security software maker McAfee noted, many people use passwords that are very easy to guess, or use the same password on multiple accounts. Users can protect themselves by creating strong passwords consisting of at least eight characters in a random assortment of letters, numbers and symbols. Even better, they can use one of several inexpensive password managers to securely store a unique key for each of their online accounts.   Keep software up to​date Computer and mobile device manufacturers routinely release updates to operating systems and related software. These updates often fix flaws that criminals could exploit to steal sensitive data from a user. By being sure to update software as soon as they are prompted, users can stay a step ahead of hackers who might rely on these security flaws. The IRS also recommends PC users install a reputable antivirus program for even greater security.  

Recognizing phishing scams

In programs related to National Tax Security Awareness Week, some scammers mentioned using common tactics they used to lure potential victims. Understanding how these “phishing” scams work can make taxpayers less likely to fall prey to these criminals.   Phishing is a term used to describe a deceptive tactic used by many digital criminals. As a guide from Microsoft explained, phishing scammers create bogus email accounts, instant message accounts and websites to trick users into giving up private information like their password, Social Security Number or something similar. A phishing email is designed to look like it came from a legitimate source, such as a bank, a web service company or even the government.   These emails go to great lengths to trick victims, often incorporating the company’s logo and what appears to be an official email address and website. The message will usually claim that the user’s account may have been compromised, and therefore needs an updated password. Or the email might claim to be from an official agency and demand payment of taxes or late fees. Some phishing emails or phone calls even pretend to be a close family member or friend in desperate need of cash.   In general, legitimate businesses and government entities do not ask anyone to provide sensitive information over the phone or via email. Users who come across these scams should not click any links or follow any instructions provided. Using a web search or phonebook, it’s possible to find a legitimate contact method for the company or agency and ask them to confirm account status.   For example, someone who suspects they received a fraudulent email or call from the IRS should first ignore the message, then call the agency’s official hotline (1-800-366-4484) and explain the situation. Suspected phishing emails may also be forwarded to phishing@irs.gov – but do not reply to the message or download any attachments.  

Protect yourself and your information

Taxpayers who are aware of common fraud tactics and who take steps to protect their digital devices and accounts are already several steps ahead of most cyber criminals. But it’s still important to be vigilant of fraud that could occur without the use of a computer or even a phone.   A social security card and any document used to prove citizenship should be protected to an even greater degree. The IRS strongly urges U.S. citizens not to carry their Social Security card when in public unless they have a rare reason to do so. In addition, everyone should do their best to safeguard their Social Security Number, since it can be used by criminals to access bank accounts, commit tax fraud and much more. That means it’s best not to carry any document with a Social Security Number at any time. Instead, practice memorizing the number.  

For tax professionals

When it comes to security and fraud prevention, tax professionals have their own unique responsibilities. In a guide specifically for tax preparers and advisors, the IRS recommended specific steps to safeguard client information.
  • First and foremost, all tax professionals and their organizations must make a commitment to complete confidentiality by restricting access to and disclosure of any personal information. At all levels of the organization, there must be precise safeguards in place to keep sensitive data out of the wrong hands.
  • Taxpayer data must also be accessible to the client in a secure way. That means following the latest protocols for network encryption, data storage and secure communication.
  • Unauthorized modification or destruction of client data presents a major security risk, not to mention a poor reflection on a company’s reputation. All taxpayer data should be protected from unauthorized changes, and properly destroyed with the full consent of all parties involved.
  Many of these steps are required by law, so every tax professional should become familiar with them. The IRS also distributes a standard single-page form to keep every taxpayer and business up to date on security threats and preparedness.   Preventing tax fraud and other forms of theft is certainly a group effort. With National Tax Security Awareness Week now in the rearview mirror, the IRS and tax professionals everywhere are hoping for a safer 2017 filing season.