Announcement

Collapse
No announcement yet.

Got this new scam alert from tax liasion today

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Got this new scam alert from tax liasion today

    Partners,

    In advance of the tax deadline, the Internal Revenue Service today warned tax professionals of a new emerging scam in which cybercriminals obtain remote control of preparers’ computer systems, complete and file client tax returns and redirect refunds to thieves’ accounts.
    Although the IRS knows of a handful of cases to date, this scam has potential to impact the filing of fraudulent returns in advance of the April tax deadline and is yet another example of tax professionals being targeted by identity theft criminals.
    The IRS urges all tax preparers to take the following steps:
    • Run a security “deep scan” to search for viruses and malware;
    • Strengthen passwords for both computer access and software access; make sure your password is a minimum of 8 digits (more is better) with a mix of numbers, letters and special characters;
    • Be alert for phishing scams: do not click on links or open attachments from unknown senders;
    • Educate all staff members about the dangers of phishing scams in the form of emails, texts and calls;
    • Review any software that your employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.

    Tax professionals should review Publication 4557, Safeguarding Taxpayer Data, A Guide for Your Business, which provides a checklist to help safeguard taxpayer information and enhance office security.
    Believe nothing you have not personally researched and verified.

    #2
    The pessimist in me can't help but suspect this is what a certain kind of preparer would claim happened once caught.

    That said, it is good advice.

    Comment


      #3
      Originally posted by David1980 View Post
      The pessimist in me can't help but suspect this is what a certain kind of preparer would claim happened once caught.

      That said, it is good advice.
      Except for the fact that the IRS can now trace the computer used to file the return.
      Believe nothing you have not personally researched and verified.

      Comment


        #4
        Originally posted by taxea View Post
        Except for the fact that the IRS can now trace the computer used to file the return.
        Which is exactly why I think someone would make this claim if caught. The IRS knows my computer filed the returns. The easy out for me is to claim someone must have remoted into my computer and filed them and that it wasn't me.

        Comment


          #5
          forensics

          Originally posted by David1980 View Post
          Which is exactly why I think someone would make this claim if caught. The IRS knows my computer filed the returns. The easy out for me is to claim someone must have remoted into my computer and filed them and that it wasn't me.
          forensics Investigators will find out for you who remoted into the computer
          Always cite your source for support to defend your opinion

          Comment


            #6
            Originally posted by TAXNJ View Post
            forensics Investigators will find out for you who remoted into the computer
            Yes clearly, that's why tax fraud is so rare these days.

            Comment


              #7
              What I do not understand is how are these "scammers" diverting the refunds into where? I have had clients that the DD were sent back because of name issues, or only in one name on a joint account

              Sandy

              Comment


                #8
                If

                Originally posted by David1980 View Post
                Yes clearly, that's why tax fraud is so rare these days.
                If they want the info bad enough they will get it. �� No need for apple��
                Last edited by TAXNJ; 04-15-2016, 08:24 PM.
                Always cite your source for support to defend your opinion

                Comment


                  #9
                  A speaker at our local NY/CT-ATP education dinner, the first CPA firm in CT to be hacked, said the criminals in eastern Europe had one or more insiders in US banks to help with the direct deposits and immediate wiring of funds overseas. Arrests have been made, including extradition. But, new ones keep popping up.

                  Comment


                    #10
                    Originally posted by S T View Post
                    What I do not understand is how are these "scammers" diverting the refunds into where? I have had clients that the DD were sent back because of name issues, or only in one name on a joint account

                    Sandy
                    The IRS basically sends the name with the deposit, but the banks aren't required to ensure it matches. If you were going to stealing refunds this way you'd determine which banks you can use that won't verify the name matches and use those. The reloadable prepaid debit cards are pretty popular, I would guess they mostly aren't verifying name match. See #2 in https://www.fiscal.treasury.gov/fsse...ct-deposit.pdf

                    Comment


                      #11
                      Originally posted by David1980 View Post
                      The IRS basically sends the name with the deposit, but the banks aren't required to ensure it matches. If you were going to stealing refunds this way you'd determine which banks you can use that won't verify the name matches and use those. The reloadable prepaid debit cards are pretty popular, I would guess they mostly aren't verifying name match. See #2 in https://www.fiscal.treasury.gov/fsse...ct-deposit.pdf
                      All I know- as careful and diligent as I am with my clients, that if there is not a name match - the bank bounces the DD from IRS - guess most of my clients are not banking with "banking institutions" that don't name match to accounts - Heck I have even had the refunds bounce because it was checked as a "savings account" rather than a "checking account"

                      What do I know - I definetly am not into the thinking of the "scam artist/hacker" Just curious at how these people are acquiring the "fake refunds" for the $$$

                      Sandy

                      Comment


                        #12
                        Really

                        Two local CPA firms were hacked locally - and they found out by returns they were filing had already been filed. I am assuming much of the above comments were tongue in cheek comments. As my tech guy says in today's culture if the hacks want into a system they probably will get in. Local CPAs, like me thought we were under the radar for that being done. This year we have learned that is not true. A few years ago if any of you went to the "Red Flag" sessions they told us that probably 60% of social security numbers were listed for sale on some list.

                        The one really bad weakness for local CPAs is if you have a website. If you do the advice was have a stand alone computer for that.

                        Comment


                          #13
                          No

                          Originally posted by JON View Post
                          Two local CPA firms were hacked locally - and they found out by returns they were filing had already been filed. I am assuming much of the above comments were tongue in cheek comments. As my tech guy says in today's culture if the hacks want into a system they probably will get in. Local CPAs, like me thought we were under the radar for that being done. This year we have learned that is not true. A few years ago if any of you went to the "Red Flag" sessions they told us that probably 60% of social security numbers were listed for sale on some list.

                          The one really bad weakness for local CPAs is if you have a website. If you do the advice was have a stand alone computer for that.
                          No tongue in check for the reply posters. This is old and current news and a fact of the ID theft world.

                          As previously mention in a prior post, the IRS has a great video of a CPA firm who was totally hacked and what was learned - check it out.

                          This was discussed many times on this web-site, news media, IRS ,etc. And according to reports not going anywhere soon.

                          Maybe longer prison sentences, instead of the 1-5 years, a 50 year sentence with no chance of parole might help!
                          Always cite your source for support to defend your opinion

                          Comment

                          Working...
                          X