Michael Trimarchi at the Bloomberg Bureau of National Affairs wrote an excellent article about the continued risk of phishing, as reported by the IRS:
"The stealing of personal information through phishing and identity theft are major concerns of the Internal Revenue Service in 2018, the agency said March 21.
The IRS, which released its annual list of the 12 most common tax schemes, warned employers and individual taxpayers to remain vigilant about aggressive and evolving schemes.
“The schemes can run the gamut from simple refund inflation scams to technical tax-shelter deals,” the IRS said in a March 21 news release ( IR-2018-66). Such scams put employers and individual taxpayers at risk, the agency said.
Topping the list for the second consecutive year was phishing, which makes use of fake emails and websites to steal personal information. “The IRS will never initiate contact with taxpayers via email about a bill or tax refund,” the agency said. “Don’t click on one claiming to be from the IRS.”
Phishing, first raised by the IRS as a concern in early 2016, uses fake emails that are sent to those who have access to payroll data. The emails purport to be from a high-level company official seeking information about Forms W-2, Wage and Tax Statement.
Cybercriminals try to trick workers into disclosing employee names, Social Security numbers, and income information. They then attempt to file fraudulent tax returns for refunds, the IRS said.
In the first four months of 2017, 870 organizations reported to the IRS that they received a W-2 phishing email, up from about 100 organizations in the first four months of 2016, the agency said. Of the 870 organizations, about 200 lost data, up from about 50 in 2016.
In 2016, the IRS launched its verification-code pilot program for Forms W-2 in an effort to thwart identity theft and tax fraud. The program uses a 16-character code to authenticate employee data and match individual tax returns with the proper refund amount. Participating payroll service providers include the code in Box 9 of copies B and C of employees’ Form W-2 that are filed electronically.
Identity theft, which was the top IRS concern in 2016, was No. 3 on the list for 2018 and 2017.
“Taxpayers should be alert to tactics aimed at stealing their identities, not just during the tax filing season, but all year long,” the IRS said.
The agency, which is a member of the Security Summit partnership with states and tax-industry representatives, said it has made improvements in detecting return-related identity theft over the last two years. The number of taxpayers who reported themselves as identity theft victims in 2017 declined by 40 percent from 2016, the IRS said. In 2017, the agency received 242,000 theft reports from taxpayers, compared with 401,000 in 2016.
The annual decline was the second in a row. In 2015, there were 677,000 reports of identity theft, the IRS said. Overall, the number of identity theft cases fell 64 percent from 2015 to 2017, the agency said, adding that it continues to aggressively pursue criminals filing fraudulent tax returns using stolen Social Security numbers.
“Taxpayers need to guard against ploys to steal their personal information,” the IRS said. “And they should be wary of shady promoters trying to scam them out of money or talk them into engaging in questionable tax schemes.”
This article was cross-posted with grateful acknowledgement, and it Copyright © 2018 The Bureau of National Affairs, Inc. All Rights Reserved. This is the link to the original Bloomberg article: