Tax scam: A game of speed and numbers
- By Karen Epper Hoffman
- Apr 17, 2017
In late January, the IRS released a list of a “dirty dozen” potential tax scams that trick taxpayers into giving criminals access to their tax records, opening them up to identity theft. Becoming increasingly popular are phone fraud and phishing attacks. For example, crooks often impersonate IRS agents in effort to collect taxpayer information, often threatening their victims with police arrest, deportation or the revocation of driver’s license if they do not provide detailed data.
Another increasingly prevalent concern pointed up by the IRS earlier this year is the so-called W-2 scam. This is an email-based scam where a fraudulent party uses a corporate executive’s name (and often other readily accessible information) to request employees’ W-2 forms from a company’s payroll or human resources’ department, in order to acquire this valuable information en masse. “These attacks are extremely prevalent during tax season and the period in which students apply for financial aid,” John Bambenek, threat research manager at Fidelis Cybersecurity said. “It’s big money, so criminals are attracted to it. Tax returns can be thousands of dollars, so if a criminal can divert it, it is a big payday.”
“Tax season is the perfect opportunity for cybercriminals to monetize data obtained from relatively low effort phishing, like the W-2 scam,” said David Vergara, head of global product marketing for VASCO Data Security. “The volume of tax activity, coupled with the speed in which they submit fraudulent returns, makes it virtually impossible for the IRS to catch it all."
Cybercriminals who file fraudulent tax returns before the taxpayer and can successfully repeat the process get the biggest prize, he added: “It’s a game of speed and numbers.”
Karen Epper Hoffman is a freelance writer based in the Seattle area.