It’s that time of year again – Time for Income Tax Scams

Every year at this time scammers come out of the woodwork with new scams and reusing old ones designed to obtain tax information for identify theft and financial fraud purposes.  Sometimes these scams are directed at individual taxpayers and at other times they are targeted at businesses and institutions like ours.

The IRS is has already noted a number of scams this year targeting individual recipients by name. Targeted requests are often harder to identify as fraudulent.  These often involve sending modified versions of legitimate IRS forms by fax or e-mail and requesting the recipient fill them out and return them.  These forms are modified so that the recipient to provides all the personal and financial information the scammer needs to perpetrate their fraud.

A recent example can be seen below:

First the real form W-8BEN used for foreign persons to designate their non-US tax status:  http://www.irs.gov/pub/irs-pdf/fw8ben.pdf

Then the fake W-8BEN notice and form some people have been receiving (click to enlarge):

Note in particular the use of a non-IRS e-mail address, the implied urgency: “return to us within 24 hours,” and the insistence on faxing the document rather than using US Mail.

Be especially cautious about any communication that claims to be from the IRS or your employer and that claims to urgently need personal or financial information for tax purposes.

If you receive anything that you believe to be a tax-related scam, you can report it to the IRS here: http://www.irs.gov/uac/Report-Phishing

The IRS also provides the additional information to help protect yourself from “The Dirty Dozen Tax Scams:” http://www.irs.gov/uac/Don%E2%80%99t-Fall-Prey-to-the-2011-Dirty-Dozen-Tax-Scams

And a guide to “Tax Refund Scams:” http://www.irs.gov/uac/IRS-Urges-Taxpayers-to-Avoid-Becoming-Victims-of-Tax-Scams

 

Cyber-Security Awareness – Social Media Tips

Do you use Facebook, Twitter, Google+, Pintrest, Instagram, or other social media sites?  What about internationally-focus social media sites such as Orkut, QQ, and Badoo?  You or those you socialize with on this sites will be a target of a scammer sooner or later.

Many of the most effective scams are targeted to you personally from the information publicly available on your profile, typically you will get an unsolicited communication that matches your published interests or that is very effective at getting your attention by claiming some sort of emergency or a need for immediate action.

That scammer wants to make you to click that link before you have a chance to think and be skeptical.

Be very cautious when you get any of the following:

  • A message from someone, particularly a close friend or relative saying they’ve been robbed, they’re being held by foreign authorities, or otherwise have an immediate need for money to be wired to them.  This is particularly common when that individual is known to be out of the country.
  • A message that you have won something, particularly when it says you have to act immediately to claim your prize
  • A friend request from someone you’ve never seen before, especially some stranger with the looks of a model or someone who may have the same interests as you have posted
  • A message about an account cancellation
  • A message about a charge you didn’t authorize
  • Anything that looks like humorous content but that requires you to click a link to see it
  • Any request to install an app to get at desirable content

In many cases these are difficult to tell from legitimate messages, so you need to take a moment and think

  • Does this make sense?
  • Do I know this person and did I expect something like this from them?
  • Is this totally out of character for my friend – could their account have been hacked?
  • If it’s too good to be true, it probably is.

Remember, social media can place no obligations on you, you don’t have to respond to every message, friend request, alert, or notice.  You can always take the time you need to sort things out before making a snap decision to click that “Accept” button or that web link.

I’ll have additional postings over the course of this month, including what to do when you think you may have fallen for a scam or clicked that link that didn’t seem quite right.  I’ll also detail certain specific threats and scams to help you be more informed about them in the future.

In the meantime you may want to review these sites of interest on this topic:

11 Tips for Social Media Safety

http://www.microsoft.com/security/online-privacy/social-networking.aspx

Scams and Social Media

http://www.educause.edu/blogs/lspitzner/security-awareness-social-media

15 Social Media Scams

http://www.networkworld.com/slideshow/53106