Tax time starting a new phishing season

Gayle B. Ronan

Who would not welcome an email about an unexpected refund from the Internal Revenue Service?  How about taxpayers interested in protecting their identities against theft? 

“We first began seeing a large number of phony IRS e-mails last year,” says Nancy Mathis, an IRS spokesperson in Washington, D.C.

Most of these emails (a sample is posted on the IRS Web site) ask recipients to click through a provided link to verify their identities.  Those taking the bait land on a site resembling the IRS.  Once there, they are asked for personal and financial information. 

“The IRS simply does not initiate contact with taxpayers by e-mail. Nor would we ask for financial information,” says Mathis. Think about it.  Why would they? The IRS already has Social Security numbers and knows every law-abiding taxpayer’s financial life story.

When the IRS needs to contact a taxpayer, it does so in writing and sometimes by phone.  “But if there is any doubt about the legitimacy of any contact,” says Mathis, “Taxpayers should call our customer service line at 1-800-829-1040.”

In addition to phishy emails— which the IRS would appreciate recipients forward to — Mathis warns taxpayers to be wary of phishy online tax preparers and advice Web sites promising an increased refund or claiming individuals can file without paying taxes.  Such promises are not just too good to be true, they are likely lures placed by ‘Net phishermen. 

“People should treat Web sites the way they treat their non-web encounters,” she continues. “If you are going to a tax preparer, you would check them out first. The same holds true with a tax Web site.  Don’t just give your personal information to anyone who asks.” 

While the IRS pursues those taking its name in vain, Mathis admits, “It seems like as soon as we shut one site down another one pops up.” 

“Thieves are smart,” says Gary Morse, president of Razorpoint Technologies, Inc, a New York security consulting firm.  And as the filing deadline looms they know taxpayers are more preoccupied with getting their returns done and receiving their refunds than with the security of their data.

“For instance, you really don’t want to be working on your return online at an Internet café,” he advises.  Open access locations make it relatively easy for a hacker to capture keystrokes and steal data.  Though Morse observes that really good hackers are much more likely to go to the tax Web sites when stealing data, not to a single computer.  “It is like picking a pocket when they could be robbing a bank.”

This is why he warns the real key to remaining safe online is in knowing how safe data being sent is once received at the other end of an exchange, whether that exchange is with a do-it-yourself site, the IRS or a traditional preparer.

MORE FROM TAX TACTICS

Tax Tactics Section Front

Large tax bill looms for Jackson estate Small businesses get a ‘tax break,’ for now Start thinking 2009 taxes now Obama vows to simplify the tax code If you can’t pay your taxes, don’t hide from IRS Most taxpayers to use refunds for necessities Tax checklist: Deadline is a week away Tax changes may mean bigger paycheck Vermont leads list where residents taxed most What to do when you can’t pay your tax bill Tax Tactics Section Front   Add Tax Tactics headlines to your news reader: