IRS Holiday Fraud Warnings

For years now, the IRS has taken an active role in warning taxpayers, and the tax industry in general, of tax-related scams, but they seem to be as prevalent as ever. Once a year, right around tax season, the IRS increases the number and intensity of its warnings to try to match the number and intensity of scams. Criminals have found that tax season (January thru April) is the best time to practice their craft. But we have seen the Christmas season begin earlier and earlier each year in the world of retail sales — before Thanksgiving in most places, and the tax fraud people seem to be following suit. They don’t wait for tax season anymore, which often puts the beginning of “tax fraud season” smack dab in the middle of the holidays. Their schemes are almost always based on some type of IRS impersonation, sometimes targeting particular groups in an attempt to exploit their vulnerabilities. The IRS recently provided a list of several variations, including the following:

  1. Direct calls requesting immediate payment: This is perhaps the boldest and most common technique. Taxpayer will receive an automated message or a threatening cold call demanding payment over the phone. Often the caller will threaten prosecution or jail time based on some false claim of tax evasion.
  2. The Federal Student Tax scam: This scam is carried out in manner similar to the direct call, but targeted at students and parents of students. As you might know, there is no such thing as a federal student tax.
  3. Fake tax bill for Affordable Care Act liability: It is true that a taxpayer could owe penalties (aka, “shared responsibility payments”) and advanced premium tax credit overpayments under the Affordable Care Act. It is also true that the IRS is charged with the responsibility of collecting such payments. However, you must be careful that the letter or email is legitimate. An email claiming to be from the IRS is most likely a fake. And the IRS says that taxpayers should be skeptical of “CP2000” letters requesting that payment be send to the “Austin Processing Center.”
  4. Emails from the boss: Sometimes tax scammers have been known to contact human resources and others within a company asking for confidential employee records, including social security numbers.
  5. Gaining access through the tax preparation industry: Tax preparers should be aware of a scheme whereby the criminals contact them with fake software updates via an email that appears to be from a tax software firm. Somebody in the tax industry might be savvy enough to recognize this kind of thing as a fake, but since many taxpayers use tax filing software themselves, sometimes these emails go straight to the consumer who could more easily fall victim to this scheme.

It may be that the holidays are the perfect time for a variety of criminal schemes. I was recently made aware of a scheme targeting attorneys. An email with the subject line “The Office of The State Attorney Complaint,” if opened, could expose an unwary lawyer to a computer virus.  If this sounds like an agency with a clumsy name, it’s because no such agency exists. Stay vigilant my friends; apparently there are a lot of Scrooges out there this time of year.

IRS Warns of Spoof Emails from CEO Posers

IRS Warns of Spoof Emails from CEO Posers

As an employee, when the CEO or other executive asks you to jump, the typical response is “how high?” So if you were to get an email from the CEO asking for a list of employee data, you probably wouldn’t question it. You’d probably send the info as soon as possible and without too much thought.

Cybercriminals who understand the position of power that company executives possess are using these relationships to obtain sensitive employee data. The practice is called “spoofing” because the thieves pose as the CEO or other high level executive, using the real executive’s name in an email to those within the company who have access to W-2s and social security numbers (typically those within payroll or human resource departments). Then these criminals obviously use the data to file false refund returns or sell the data to 3rd parties.

The IRS made a statement yesterday alerting the public of this new kind of phishing scheme:

If your CEO appears to be emailing you for a list of company employees, check it out before you respond. Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.

~ IRS Commissioner, John Koskinen

I guess the question some payroll people will have is “what should I do to check it out“? Every company and every office is different. Your response may depend on the formality of your office and the relationship you have with the executive who requested the info. In some circumstances it may not be appropriate to knock on the CEO’s door asking if he/she emailed you. It might be a little awkward emailing back asking the CEO what he plans on doing with the info, or asking if he can authenticate by giving you the name of his favorite childhood pet or his mother’s maiden name.

I suspect that in most cases the email address of the sender will be a dead giveaway. If you don’t recognize the email address, then you can ask the follow up questions or pay the CEO a visit. Having said that, I don’t know for sure that these cybercriminals cannot send emails that appear to be sent from a company email system, in which case it might be wise to ask about the childhood pet anyways. Better safe than sorry, even if the price is a little embarrassment.

IRS Puts Reins on Stingray Technology

IRS Puts Reins on Stingray Technology

It will be Christmas time soon and thoughts often turn to gift giving and getting. For some, the gift they would like most is the latest high tech toy. This year one of the hottest tech gifts is the Hoverboard. Next year it could be a personal rocket ship. Boys will be boys, and they tend to enjoy imagining themselves starring in a James Bond flick with the latest technology at their fingertips.

The boys at the IRS are no different, although some of them are surely lamenting the potential limitations placed on their toy commonly knows as the Stingray. The Stingray is a cell phone surveillance device that can mimic a wireless cell tower, intercepting signals and giving the user private cell data of anyone in the area. Special agents with IRS Criminal Investigations have used this device since 2011 to track down some big time tax criminals.

Under pressure from the Justice Department, the IRS has begun drafting rules that would require their employees to obtain a warrant before using this controversial device. Of course a warrant requires a finding of probably cause by a judge, and if you’ve ever seen any crime shows on TV you know it’s a pain to have to get a warrant.

The IRS apparently has only one Stingray now, but they ordered a second one back in July. It hasn’t arrived yet, which I’m sure has the CI boys as anxious as 8-year-olds on Christmas Eve.

Congrats! You're a Partner with the IRS

Congrats! You're a Partner with the IRS

On March 19, 2015 IRS Commissioner, John Koskinen, brought together representatives from the IRS, the states, and the private sector tax industry in what he called the Security Summit Group to discuss ways to combat identity theft and, specifically, identity theft that results in tax fraud. Private sector representatives included the likes of CEOs of leading tax prep firms, software developers, and payroll processors. For the first two months, the SSG met “continuously” to collaborate and brainstorm. One of the ideas that has come out of these meetings is that there is no silver bullet for putting an end to identity theft and that we need to adopt a “multi-layered and coordinated approach.” Another big idea, announced by Koskinen in a statement yesterday, is that there is a key Security Summit partner that, until now, has been left out of the equation: YOU.

We’ve made a great deal of progress for the upcoming tax season, and it shows just how much we can accomplish working together. But to keep making progress, there is another partner we need to bring on board, and that’s the taxpaying public. In fact, that’s why we’re announcing this new effort, called “Taxes-Security-Together.” We all have a part to play in fighting identity theft.

Koskinen says that now is the best time to begin this new initiative. I’m paraphrasing here, but he basically says that there will be a bunch of new electronic devices bought over the next couple months (ok, Christmas time, I follow), and people will be doing their taxes and making other transactions on these devices (um, people do their taxes on phones? really?) and a significant number of these potential ID theft portals will fall into the hands of people who don’t know how to use them, and it behooves us to help them to use them safely. This seems like a really tenuous “slippery slope” kind of thought process here, but ok. Now I’m interested to know if identity theft typically spikes in December or something.

But, needless to say, it feels pretty awesome to be a member of the Security Summit Group. I’m waiting eagerly by the mailbox for my badge and lanyard. As a member in good standing of the SSG, I would like to commend the Commissioner on his Taxes-Security-Together initiative. It sounds like fun. However, I also would like him to tell me how he plans on getting these messages out to those who really need to hear them. I will prepare now for what promises to be a barrage of public service announcements via YouTube, Facebook, and wherever else the IRS has a presence. But if you’re not connected with the IRS online somehow, either by “liking” or “following” or subscribing to their emails, just how are you going to catch wind of these tips and announcements? And between a tax professional and the general public, who do you think would benefit most from hearing them? There is no one silver bullet, but at least some bullets should hit some targets for this initiative to be successful.

Initial Estimates from May Data Breach were Low

It seems there was good reason for downplaying May’s security breach in the IRS “Get Transcript” application.  It really was quite a bit worse than they had described it back in May.  The breach was first described as unauthorized access into 100,000 tax accounts, and that number has recently been amended to 334,000.  We were also told that international thieves started tampering with the site in February 2015, but now the IRS says it was actually November 2014.

The IRS can’t get anything right.  When are they going to learn to be more cautious and conservative in their official statements?  I have to believe that IRS press releases are reviewed by their tax attorneys, or somebody with good judgment and a strong command of the English language.  How difficult would it have been to state that the preliminary figures suggest there were 100,000 but this number could increase (or even is likely to increase) pending further investigation.  I, for one, would not consider that to be wishy washy in any way.  It may be frustrating to some; we want to know all the facts the moment the story breaks.  But it is more honest and credible to state only as much as can be confirmed and it is rarely a bad thing to admit when things are not yet known. Maybe that’s the IRS’ biggest problem.  As an agency, they have suffered so much by way of public scorn, and their competence has been called into question so many times that they feel the pressure to have all the answers at times when having all the answers would be impossible.

Sometimes the problem with the IRS has less to do with the way they actually handle issues and more to do with the way they inform the public.

IRS Impersonators Have New Tricks

Scam artists, posing as IRS agents, who contact innocent taxpayers out of the blue and demand payment on tax bills that don’t exist are getting more crafty and casting a bigger net these days. For at least the past few years now, the IRS has regularly published updated warnings each time they perceive a new wrinkle, or if enough time has passed since the prior warning.

This month, the IRS published a scam warning that identifies a couple trends that suggest these tax criminals are taking the time to do some homework rather than calling completely unscripted. For example, one tactic is to alter your caller ID so it appears the call is coming from a legitimate government agency.  Scammers have always posed as official government representatives by giving false names, titles, and badge numbers, but now they are more frequently adding this new layer of “authenticity” to the call.

The ultimate goal of IRS phone scam artists is to get the victim to make a payment over the phone and/or provide sensitive information like your name, address, and social security number. If they are successful in obtaining a payment over the phone, they are now asking victims to mail proof of payment to an actual IRS office nearby. Taxpayers choosing to verify the address can look it up in a Google search and see that it is the correct address to their local service center, which lends a sense of legitimacy to the whole interaction. Of course, anyone with half a brain would know that providing the address to an IRS office that is posted on the internet for anyone to see means absolutely nothing.

In this month’s published warning, the IRS states that these scam artists use angry voices to strike fear into their victims and pressure their victims into making rash decisions. Then the IRS lists a few things that they will “never” do, so it will be easy to distinguish between scammers and true IRS representatives:

  1. Angrily demand payment over the phone
  2. Call prior to sending a bill for overdue taxes
  3. Threaten arrest for non-payment of taxes
  4. Demand payment without the opportunity to appeal the amount owed
  5. Require a specific payment method
  6. Ask for credit or debit card numbers over the phone

#1 on this list is a little strange to me because anger, and the detecting of anger in someone’s voice, is a subjective thing. Isn’t it? I have heard demands for payment in voices that could reasonably be characterized as “angry.”  I have also had IRS representatives tell me that they require an “auto debit” payment arrangement in order to approve an installment agreement, hence somewhat of a violation of #5.  However, in my experience, IRS representatives usually do a pretty good job complying with this list.

Mastermind of IRS Phone Scam Gets 14 Year Prison Sentence

You would have to be living under a rock if you’re not aware of the pervasive IRS impersonation phone scams going around.  These scammers prey on the least-informed, most vulnerable people in society, convincing them that the IRS is on the brink of throwing them into prison for unpaid taxes when, in many cases, no taxes are owed.  Now at least one of the masterminds behind this, Sahil Patel (36), is going to be put away for 14 years.  Patel was sentenced a couple days ago in a U.S. District Court in New York for conspiring to extort, to impersonate government officials, and to commit wire fraud.

The government considers Patel one of the ringleaders in a scam that duped nearly 4,000 people out of a combined $20 million over the past two years.  However, this criminal group is obviously run by more than just Patel as the phone calls have not stopped since his conviction.

Maybe 14 years seems like a long time to you for a crime that doesn’t involve taking a life, but this is what the district judge had to say about it:

The nature of this crime robbed people of their identities and their money in a way that causes people to fee that they have been almost destroyed.

He definitely wanted to “ensure adequate deterrence.”  Plus I don’t think it helped that Patel came across as an “unfriendly” witness.  He reportedly made some sexist comments about the women he hired to do the dirty work and how they were ignorant and gullible.  I know that 14 years seems like a heavy penalty, and you can’t really expect a higher level of severity, but I wonder if this will really deter the co-conspirators who appear to be keeping the scheme operational.  The rewards are so incredibly high for them and, at this point at least, the risks seem to be just low enough.

We can increase the risk by finding more of these guys, and I think the IRS, in cooperation with law enforcement, is doing the best they can.  We can reduce the reward by informing the public — and this is where I think they can improve.  I started this article by saying that one would have to be living under a rock to not be aware of these phone scams, but I don’t know if that is true.  As a tax attorney, I hear about this kind of thing all the time because I am dialed into tax news and events.  But is the average taxpayer getting the message?  I think IRS public service messages are focused on tax professionals.  Maybe there should be a broader kind of outreach through TV and radio.  I suppose there is a reason why they haven’t gone there; maybe they don’t want to freak everyone out.

IRS Makes Plans with Private Sector to Curb Future Cyber Attacks

John Koskinen, Commissioner of the IRS, announced yesterday in a press conference that his agency is making plans to join forces with states and the entire private tax industry to combat cyber tax criminals like the ones who recently accessed taxpayer data through the “Get Transcript” application of the IRS website.  It’s the whole “it takes a village” concept applied to the ongoing battle to protect sensitive information on the internet. Government and industry plan to share information in ways they have never done before.

As a tax relief attorney, I don’t know a lot about computers and information technology.  If the top level guys at the IRS are IT ninjas, I’m probably a yellow belt noodle maker.  But commingling of IRS and private sector data makes me nervous, if that’s what they’re talking about doing.  I understand the desire to cooperate on this monumental task of stopping international cyber-criminal syndicates, but I feel like a little separation between public and private sector computer systems is healthy.  It seems to my naive mind that the more connected they are, in the event of a large-scale hack, the more likely we all go down together.

Here are a few nice words from Koskinen’s press conference:

[A]ny organization in the public or private sectors with IT systems and sensitive data faces a battle that seems to grow every day. The nation’s tax system is no different….No single organization can go it alone….None of us has a silver bullet to defeat this enemy….Working together we can achieve results that none of us, working alone, could accomplish.

Such an American thing to do, don’t you think?  Everyone joining forces and working together to defeat a common enemy and prevent a crisis.  I hope this is a step in the right direction and not just the IRS telling us what we want to hear.  The upside to all this for the IRS is that the next time their systems are compromised, maybe they can share the blame with businesses and states.

IRS Downplays Latest Data Breach

The IRS recently announced the unauthorized access into 100,000 tax accounts by cyber-criminals through the “Get Transcript” application on the IRS website.  Virtually every word in Commissioner Koskinen’s statement is calculated to either downplay the seriousness of the breach, deflect the blame, or put a Band-Aid on it, almost to the point that it causes increased suspicion.  It’s like when someone begins a statement with the words, “to be honest,” and you can’t help but wonder if they really are.  I will list everything the Commissioner said that could be taken that way and, of course, let you read between the lines:

  1. The information that allowed the criminals access was obtained from an outside source
  2. The crime was very sophisticated
  3. Access to “Get Transcript” is only obtained through a multi-layer authentication process
  4. The matter is under review by TIGTA and IRS’ Criminal Investigation division (CI)
  5. IRS main computer systems were not affected & remain secure
  6. Although there were 100,000 successful data breach attempts, there were another 100,000 that were unsuccessful
  7. All 200,000 affected taxpayer accounts will get letters from the IRS explaining what has happened
  8. IRS is offering free credit monitoring to those whose accounts were successfully accessed
  9. “Get Transcript” application has been shut down temporarily

And then there was the obligatory and generic “make-them-feel-good” statement:

[T]he IRS takes the security of taxpayer data extremely seriously, and we are working aggressively to protect affected taxpayers and continue to strengthen our protocols.

I totally understand the need to keep the comments positive in this kind of situation.  Any corporation would do the same sort of damage control in the form of some similar carefully worded, lawyer-drafted statement.  We definitely don’t want panic spreading across the nation in response to something like this.  But we are not stupid either.  If this data breach were really as benign as they want us to believe then why did they take the application down?  As much as the IRS has tried to deflect the blame for the data breach, I think they know that there are ways to tighten up security.  Nothing spells this out more clearly than the fact that the IRS immediately deactivated the application to fix it and make it more secure.

Board of Equalization is not of fan of Denny’s in California’s central valley

Have you been to one of the Denny’s operated by Abdul Halim? He operates three Denny’s restaurants located in Lathrop, Manteca, and Stockton. If you have a craving for a Moons Over My Hammy and live in the California’s central valley, you may soon be out of luck.

California’s Board of Equalization recently publicized its version of a perp walk. Abdul Halim, of Tracy, California will serve 10 years formal probation, perform 3,500 hours of community service, and pay $790,428 in restitution for pleading guilty to two felony and one misdemeanor count of sales tax evasion. The ordered restitution includes the sales tax, penalties, and interest owed to the BOE.

California’s Board of Equalization is charged with the duty of collecting and enforcing payment of California sales tax. BOE Investigators determined that Mr. Halim failed to pay nearly $525,000 in sales tax collected from Denny’s customers between 2007 and 2011.

If you need help fighting the BOE in California’s central valley or in the greater Sacramento area, call our law firm for a free consultation. We may be able to help save your business and keep you from being the next “perp” publicized by the BOE.