Fraudsters often try tricking businesses and others into sharing personal information — such as names, passwords and account numbers — through emails, texts and direct messages made to look like they come from a legitimate source, like the IRS, a bank or a trusted tax professional.
In some recent schemes, social media is used to dole out misleading tax advice about refunds and eligibility for tax credits like the Fuel Tax Credit or the Paid Sick and Family Leave Credit. In other instances, social media has been used to connect taxpayers with scammers to try to get them to falsify forms. In others, scammers impersonate charity organizations, then use spoofed websites and phone numbers, as well as fake email messages, to draw in the unsuspecting.
With defenses against fraud becoming more sophisticated over the years, identity thieves are increasingly looking for new ways to steal valuable information from businesses large or small, individual taxpayers. With these scammers constantly evolving their tactics, everyone needs to remain vigilant throughout the year.
What Can You Do?
Exercise caution about solicitations and any accompanying links, attachments and contact information they contain. Never click, call or reply without first independently verifying the source.
Identity thieves often ramp up their efforts during the holiday shopping season, which is already in full swing, and as tax time approaches. They’ve increasingly focused on businesses and individual taxpayers in the hopes of circumventing the strengthened defenses the IRS and its partners have put in place in recent years.
Taxpayers, businesses can protect themselves with extra security
With identity thieves looking for better sources of data to try filing false tax returns, business and taxpayer security is even more important. Taxpayers and businesses should remember to take some simple - but frequently overlooked - steps to protect their important financial and tax information. These include:
Set security software to update automatically.
Back up important files.
Require strong passwords and pair them with multi-factor authentication.
Encrypt all devices.
More information and additional recommendations can be found at the Federal Trade Commission’s Cybersecurity for Small Business page. Businesses and consumers are also encouraged to report IRS-related scams to phishing@irs.gov.
Businesses are also encouraged to keep their Employee Identification Number (EIN) information current and to report changes of address or reporting party promptly and within the required 60 days using IRS Form 8822-B, Change of Address or Responsible Party - Business.
What to do after a possible identity theft
If the theft occurred because of a scam targeting Form W-2 information, there are special reporting procedures, which can be found in the business section at Identity Theft Central.
Businesses can also use the Business Identity Theft Affidavit (Form 14039-B) to proactively report potential identity theft to the IRS if they:
Receive a rejection notice for an electronically filed return because another return is already on file for the same period.
Get a notice about a tax return they didn’t file.
Are notified about forms W-2 they didn’t file.
Notice a balance due when one isn’t owed.
If businesses are the victim of a data breach with no tax related impact, they should visit Identity Theft Central’s business section for details on reporting the theft.
Remember, the best course of action when it comes to fraud is prevention--exercise caution about who you exchange sensitive information with and how you are doing it. Here at Allegro, we always meet or exceed privacy and security standards with our clients' personal information.
Kommentare