During the tax season, cybercriminals impersonate IRS officials and call taxpayers, scarring them into taking desperate and hasty action. If you fall victim to their tactics, you could potentially lose a significant amount of money or even face legal consequences. They might request your financial details to redirect the tax rebate to their account or accuse you of underpaying taxes and demand an immediate payment of the extra amount.
These days, they are also exploiting AI to generate images, fake videos, invoices, forms, etc. Moreover, what’s worse is that they clone voices to fool people through calls.
According to the TIGTA’s Final Results of the 2023 Filing Season report, the taxing authority caught $13.8 billion in fraud tax. Not only this, but the IRS stopped the issuance of $1.2 billion in fraudulent rebates.
Social security numbers, login credentials, state IDs, access codes, and other high-risk details are some of the most common targets of impostors.
How Does a General Refund Fraud Unfold?
Threat actors design websites, PDFs, online forms, etc., with the branding of IRS and similar tax-collecting and managing authorities. Then, they call or email targets to get their financial details or scare them into making payments under the pretext of paying less tax than they owe. They may even compel you into taking desperate and mindless actions by giving arrest threats.
If they attempt an attack via fraudulent email, the recipient will be asked to click on a malicious link or QR code or download a file infected with malware.
Image sourced from communitytax.com
How to Stay Protected?
No one wants to lose their hard-earned money to fraudsters. So, here’s how you can steer clear of tax scams-
Refrain from Sharing Sensitive Details
Don’t share financial details over emails to unknown recipients. If it’s absolutely necessary for you to share such details, don’t forget to encrypt the attachments to ensure nobody tampers with them in transit.
Beware of Red Flags
Some common red flags of a tax fraud email or phone call are-
- Urgent tone, threats of arrest, or legal consequences.
- Pressuring for immediate payments, particularly through gift cards or wire transfers.
- Use of unprofessional language, grammatical errors, and low-quality visuals.
- Redirecting to dubious websites.
- Making unrealistic promises or demands.
- Surprising phone calls.
- Soliciting personal information such as Social Security Numbers over the phone.
- Unrequested technical assistance, especially if they seek remote access to your computer or ask for payment for services.
File Your Tax Return Early
Filing your taxes early minimizes the window for hackers to exploit vulnerabilities. Hackers take advantage of people who are in a last-minute rush to file taxes.
Double Check
If you happen to receive unexpected emails or calls promising substantial tax refunds or alleging tax underpayment, it’s crucial to verify by contacting the official channels provided on the legitimate website.
To take this step, open your web browser and manually enter the tax authority’s name. Then, navigate to their official site to find authentic contact information.
Using Sender Policy Framework (SPF)
To safeguard against tax-related scams using the Sender Policy Framework (SPF), ensure that your SPF records are properly configured to authenticate the email sender’s identity. Implement strict policies to reject or quarantine emails that fail SPF checks, thereby preventing malicious actors from spoofing legitimate domains to perpetrate tax-related scams. Regularly monitor and update your SPF record to adapt to evolving threats and ensure comprehensive protection against fraudulent activities targeting tax-related communications. Additionally, educate employees about email security.