Scams targeting tax professionals in phishing scam emails involving payroll direct deposit and wire transfer have been on the increase, warns the Internal Revenue Service.
The IRS and its Security Summit partners report that these business email compromise/business email spoofing (BEC/BES) tactics generally target all types of industries and employers, but recently the service has received a number of reports from tax preparers that they too are being targeted by these phishing attacks.
The IRS and its state revenue department and tax community partners are concerned that these phishing scams – as well as a W-2 scam – could increase as tax season approaches.
The scams take many forms, including fake invoice payments, title escrow payments, wire transfers or other schemes. One version is the W-2 scam, involving an email impersonating a person in authority who requests a list of an organization’s W-2s covering all of its employees. This Phishing Scam allows thieves to quickly file fraudulent returns.
These emails generally impersonate a company employee, often an executive, and are sent to payroll or human resources personnel. The email from the “employee” asks the payroll or HR staff to change their direct deposit for payroll purposes. Talk about identity theft and bank fraud altogether.
The “employee” provides a new bank account and routing number that’s actually controlled by the thief. This Phishing Scam is usually discovered pretty quickly, the IRS reports, but not before the victim loses one or two payroll deposits.
In another version of the phishing scam, the emails impersonate a company executive and are sent to the company employee responsible for wire transfers. The email requests that a wire transfer be made to a specific account controlled by the thief. Companies that fall victim to this phishing scam can lose tens of thousands of dollars.
Examples of lines in these emails reported by tax pros include:
“I changed my bank and I will like my paycheck DD details changed. Do you think this change be effective for the next pay date?”
“Subject: ACH Payment Attention … Please confirm the receipt of my message, can you handle domestic transfer payment now? Thanks you.”
A common theme in these and many other email scams is grammatical and spelling mistakes.
The public can file a complaint about email scams or other internet-related scams by going to www.ic3.gov. Tax pros should also report tax-related phishing emails to email@example.com.
Employers who fall victim to the W-2 scam should report it at firstname.lastname@example.org. Employers who receive the W-2 scam email but do not fall victim should forward the email to email@example.com.