The 2020 IRS “Dirty Dozen”
In what has become somewhat of a rite of summer, the IRS annually releases a "Dirty Dozen" tax scam list. I kind of wondered with limited staffing due to Covid-19 if this year's list might be a casualty.
Alas, they did now disappoint and the 2020 list has been released. The 2020 list places special emphasis on aggressive schemes related to coronavirus tax relief, including economic impact payments.
As IRS Commissioner Chuck Rettig said, "Tax scams tend to rise during tax season or during times of crisis, and scam artists are using the pandemic to try stealing money and information from honest taxpayers".
Without further ado, here are the 2020 scams, including several new ones:
Phishing involves fake emails or websites aiming to steal personal information. The IRS Criminal Investigation Division has seen a tremendous increase in phishing schemes using emails, letters, texts, and links. Taxpayers should be especially wary of keywords, such as "coronavirus," "COVID-19," and "Stimulus." Remember, the IRS doesn't use email to contact you, so don't click on the links in any such email.
Fake charities make the list every year, and, unfortunately, fakes often increase during times of crisis.
Fraudulent charity schemes usually start with unsolicited contact by telephone, text, social media, email, or in person. Bogus websites often use names similar to legitimate charities to trick people into sending money or providing personal financial information.
Legitimate charities will provide their employer identification number (EIN), if requested, which can be used to verify their legitimacy. You can also find legitimate, qualified charities with the search tool on irs.gov.
Threatening impersonator phone calls is a common scam where a criminal calls claiming to be with the IRS, and threatens arrest, deportation, or license revocation if you fail to do what they want. Again, remember, the IRS will never threaten a taxpayer or surprise him or her with a demand for immediate payment, especially over the phone.
Social media scams, also new to the list, frequently use events like COVID-19 to try to trick people. Scammers use information people share on social media for a wide variety of scams, including to send emails impersonating a person's family, friends, or co-workers.
Social media scams have also led to tax-related identity theft. The basic element of social media scams is convincing a potential victim that he or she is dealing with a person close to them that they trust via email, text, or social media messaging.
Economic impact payment or refund theft involves criminals filing false tax returns or supplying other bogus information to the IRS to divert refunds to wrong addresses or bank accounts.
The IRS recently warned nursing homes and other care facilities that economic impact payments generally belong to the recipients, not the organizations, because people and businesses may be taking advantage of vulnerable populations who received the payments. These payments do not count as a resource or as income for determining eligibility for Medicaid and other federal programs.
Senior fraud is rampant, and in fact, seniors are more likely to be targeted and victimized by scammers than any other segment of society. Seniors may be victims of financial abuse in many of their personal and professional relationships, but such fraud seems to be substantially reduced when a trusted friend or family member takes an interest in the senior's affairs.
Scams targeting non-English speakers is closely related to many of the scams already mentioned. IRS impersonators and other scammers targets groups with limited English proficiency and are often threatening or seek to confuse. Recent immigrants are often the most vulnerable to these scams.
Unscrupulous return preparers, another recurring item on the list. Selecting the right return preparer is important because preparers have taxpayers' personal data. Although most tax professionals are upstanding, dishonest preparers are around every filing season.
You should especially avoid "ghost" preparers. These are preparers who do not sign the returns they prepare, as required by law. Anyone who is paid to prepare federal tax returns must have a preparer tax identification number (PTIN) and must sign and include the PTIN on returns.
Offer-in-compromise mills are another new addition to the list this year. Misleading tax debt resolution companies may exaggerate their ability to settle tax debts for "pennies on the dollar" through an offer in compromise (OIC), enrolling unqualified candidates to collect hefty fees from those who are already struggling with debt.
Fake payments with repayment demands is one where scammers trick taxpayers into sending them their refund. The criminal steals or obtains a taxpayer's personal data, uses it to file a bogus tax return and has the refund deposited into the taxpayer's bank account. Once the money is in the account, the scammer calls the taxpayer posing as an IRS employee who tells the victim that there has been an error and the IRS needs the money returned to avoid penalties. This often involves the taxpayer being told to buy specific gift cards in the amount of the refund. The IRS will never do this.
Payroll and HR scams are designed to steal Forms W-2, Wage and Tax Statement, and other tax information. The IRS calls these scams business email compromise or business email spoofing. Two of the most common types of these scams are a gift card scam and a direct deposit scam.
The gift card scam uses a compromised email account to send a request to purchase gift cards in various denominations. In the direct deposit scheme, the scammer may impersonate the potential victim using his or her compromised email account to have the organization change the employee's direct deposit information to reroute their deposit to an account the scammer controls.
Ransomware is the final new addition to the list. Ransomware takes advantage of human and technical weaknesses to infect a computer, network, or server. Malware, a form of invasive software that the user inadvertently downloads, tracks keystrokes and other computer activity. Once a computer or network is infected, ransomware looks for and locks critical or sensitive data with its own encryption. In some cases, entire computer networks can be shut down.
Victims often are unaware of the attack until they try to access their data, or they receive a ransom request in a pop-up window. The criminals usually use anonymous messaging platforms and demand payment in virtual currency such as bitcoin.
While it's not possible to totally stop unscrupulous behavior such as the above, armed with this knowledge and taking great care, you can avoid becoming an unwitting victim of the "Dirty Dozen"!