How to avoid getting scammed come tax time

  • Tax scams come in two major varieties: ID theft, whereby criminals file fraudulent tax returns, and tax scams, where callers convince victims they owe taxes and collect payment information.
  • Fraudulent tax returns usually cost taxpayer victims only time lost, whereas money paid to scammers posing as IRS agents is most often gone for good.
  • The IRS communicates with taxpayers only through the mail, and never via text, phone call, email or other communications medium.
Mark Henricks, special to CNBC.com

Published 8:59 AM ET Mon, 23 Oct 2017

Income tax collections generated more than $3.3 trillion for the federal government in 2015, according to latest Internal Revenue Service figures. Along with that money, tax season also produces tens of thousands of tax rip-offs that cost individual taxpayers and the IRS much time and many millions of dollars.

Tax rip-offs come in two main types. Identity theft involves obtaining enough information about a taxpayer to file a fraudulent tax return and then collecting a refund. In the other variety, a scammer impersonating an IRS official contacts an unwitting taxpayer and tricks the victim into handing over money.

Scammers claiming to be from the IRS may ask for debit or gift card information for payment.

Alexandra Iakovleva | Getty Images
Scammers claiming to be from the IRS may ask for debit or gift card information for payment.

A taxpayer whose identity has been used to file a fraudulent return may be significantly inconvenienced. For example, his or her legitimate refund may be delayed nine months or more, rather than the customary three weeks or less, once a scammer has filed a false return using that taxpayer’s information.

However, identify theft fraud is unlikely to cost an individual taxpayer any actual money. The government, not the taxpayer, bears the cost of fraudulently obtained refunds.

Tax scams, on the other hand, result in direct financial losses to victims. When a taxpayer gives funds to scammers impersonating an IRS agent, the money is lost.

Frequency of tax stings

Of the two types of tax rip-offs, identity theft is more common. From late January to early March 2017, the IRS identified 14,068 fraudulent returns involving identity theft, the Treasury Inspector General for Tax Administration (TIGTA) said in its April interim report on 2017 collections. The final report is due in September 2017.

Impersonation scams were somewhat less common. From October 2013 through June 2017, TIGTA reported 10,911 cases of someone impersonating an IRS agent. TIGTA didn’t supply a dollar value for the costs of fraudulent returns, but says taxpayers lost $57,963,603 to impersonation scams during that period.

How to avoid being scammed

Fending off tax scammers is often easy, according to experts. Swindlers impersonating IRS agents typically phone victims, tell the taxpayer that he or she owes the IRS and threaten legal action unless payment is made immediately.

Neil Becourtney, an Eatontown, New Jersey-based CPA with New York accounting firm CohnReznick, says clients have contacted him after calls from scammers impersonating IRS agents.

They say you have a balance and if it’s not paid we’re going to lock you up,” Becourtney said. “They ask for gift cards, debit cards or money orders.

More from Investor Toolkit:
Health care an ever-bigger part of retirement planning
Don’t get emotional about your investments
How to plan — financially — for divorce

“They’ll sometimes ask for your bank information so they can transfer funds out of your bank account.”

Scammers may trick caller ID to show a call as coming from IRS, offer badge numbers and otherwise convincingly portray IRS agents. However, no matter how persuasive the message, if it comes by phone it’s a scammer, according to the IRS.

“Our normal correspondence is a letter in the mail,” said IRS spokesman Raphael Tulino. “It’s not a random threatening phone call.” Nor, according to a July 2017 IRS scam alert, will agents contact taxpayers by email, text message, fax, social media or a knock on the door, all of which have been used by scammers to set up their victims.

Fending off identity fraud

Identity theft fraud can be harder to defend. Identity thieves often operate by sending taxpayers so-called “phishing” emails or text messages purporting to be from the IRS and containing links that, if clicked, will transmit identity details to criminals.

“Phishing emails are designed to look like legitimate emails from the IRS or other financial institutions, but are actually from a cybercriminal looking to steal your personal information,” said Gary Davis, chief consumer security evangelist for cybersecurity firm McAfee. “If you suspect an email is a phishing email do not click any of the links in the email, and instead go directly to the purported source’s website.”

Your Wealth:Weekly advice on managing your money

Sign up to get Your Wealth

Job Industry
Advertising/Marketing
Automotive
Communications/PR
Construction/Manufacturing
Education
Finance/Banking/Insurance
Legal
Media/Entertainment
Medical/Health Care
Mining/Oil/Gas/Utilities
Gov’t/Non-Profit
Real Estate
Retail
Technology/IT
Transportation/Shipping
Travel/Hospitality
Other
Get this delivered to your inbox, and more info about about our products and service. Privacy Policy.

But even ignoring every suspicious email may not be enough. “A new scam in tax season 2017 involved an IRS impersonator calling individuals to verify tax return information over the phone,” said Nathan Rigney, tax research analyst at H&R Block’s Tax Institute.

“The scammer claims to have the taxpayer’s return, but needs to verify the taxpayer’s identity to ensure the return was not fraudulent,” Rigney said. “The scammer goes on to ask for the taxpayer’s Social Security number or even bank account information.”

Rigney says a caller who asks for personal information is likely not from the IRS. “The IRS will never seek to verify a taxpayer’s identity by seeking personal information over the phone or through email,” he said.

Other ways fraudsters steal IDs

In order to file a fraudulent return, however, a criminal needs only a taxpayer’s name, birth date and Social Security number. And a scammer may get these without contacting a taxpayer, such as from a data breach at another organization.

There are many ways to get a Social Security number, name and date of birth,” said Paige Hanson, identity education lead for cybersecurity firm Symantec. “And those are the things the fraudsters are using.”

A taxpayer’s most effective way to keep anyone from filing a fraudulent return in his or her name may be to file as early as possible, Hanson says.

“The bottom line is that under no circumstances will the IRS initiate contact out of the blue asking you to click on a link.”-Raphael Tulino, IRS spokesman

Tax preparers say the first sign of a fraud is often when IRS rejects a return because a return with the same information has already been received. Even if a taxpayer’s information has been compromised, if he or she files first, the false return will be the one rejected.

Hanson also suggests being vigilant about junk mail. A sudden decrease in unsolicited commercial mail, especially around the January start of tax season, could mean someone has stolen identity information and is diverting mail to collect W-2s and other tax documents to facilitate a fraudulent return, she says.

To avoid most tax scams, however, all that’s necessary is to ignore any message purporting to be from the IRS unless it’s a letter.

“The bottom line is that under no circumstances will the IRS initiate contact out of the blue asking you to click on a link,” said Tulino of the IRS. “Nor are we contacting anyone with a threat of a lawsuit demanding immediate payment. That’s a scammer.”

— By Mark Henricks, special to CNBC.com