The IRS Phone Scam and Other Tax Season Threats
When former NFL player Frank Garcia picked up the phone to answer what appeared to be a call from a Washington DC phone number, losing $4,000 was the least probable outcome in his mind.
Garcia is one of the millions of Americans who were duped into a fake Internal Revenue Services (IRS) agent phone scam that started in 2013. The fake IRS agents reportedly sounded authentic—or at least authentic enough to fool unsuspecting victims—as they delivered the following message:
“This is Internal Revenue Services. Your address is under state investigation. The reason for this call is to inform you that IRS is filing lawsuit against you [sic].”
For the victims of this scam, the fear of being sent to jail, fined, or having properties taken is reason enough to follow the instructions of the fake IRS agent. In Garcia’s case, this involved making eight stops to deposit $500 worth of Paypal credits in each one.
News reports indicate that the perpetrators of this scam are likely to be operating out of India and make use of phishing methods. This case shows how cybercriminals who are adept in collecting information via phishing emails, social engineering lures, or other online scams can expand their reach via offline threats such as the IRS phone scam.
Connected to this, antispam research engineers have recently seen a rise in the number of phishing mails that take advantage of the 2015 tax season in the United States.
Sample of a spam mail that promises tax exemption and asks for sensitive information
Tax Season, Harvest Season
Unfortunately, this is only one of many tax-related schemes that exist to target taxpayers during tax season. In February, the IRS unknowingly paid $5.8 billion to fraudsters who filed false tax returns using stolen social security numbers.
Early this year, the US Treasury office warned taxpayers of related scams. Treasury Inspector General for Taxpayer Administration (TIGTA) J. Russell George urged payers to be on "high alert" for fraud, saying, “If someone unexpectedly calls claiming to be from the IRS and uses threatening language if you don’t pay immediately, that is a sign that it really isn’t the IRS calling.” The office also outlined steps should one get a call from someone who demands payment and is claiming to be from the IRS that includes filing a report to the FTC or TIGTA.
Meanwhile, phishing scams can be avoided by following these guidelines:
- Refrain from clicking on links or downloading attachments from unsolicited emails.
- Know how to distinguish social engineering scams from genuine messages by being updated on the latest threats and security news.
- Make sure you are protected by the latest antispam technology that detects the latest scams and blocks them before they get to your inbox.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale