CyberScout

Businesses Should Be Aware of These Tax-Related Scams

Tax scams for businesses
Getty Images

Tax season may not be much fun for most of us, but for scammers it’s the most wonderful time of the year. Every year, employers, payroll companies, and tax preparers face an evolving threat to their money, their data, and their identities in the form of tax-related fraud. 

W-2 Scams: Scammers have learned that spearphishing payroll and human resource departments can net the sensitive personal and financial information of multiple individuals at once. 

“In these scams, a spoofed email from someone posing as a C-Suite officer sends an email to the payroll office employee requesting a list of employees with all their financial and personal information including SSNs. In a variation of the scam, an employee is directed to click on a link or attachment infected with malware,” says Levin. “The fraudster can then use the stolen tax data to file fraudulent returns, open new credit accounts and commit other identity-related crimes.”

Fake EIN Applications: Businesses registering Employer ID numbers (EINs) with the IRS are commonly misdirected by websites claiming to assist with the process. 

Here’s what you need to know: The only form needed to file for an EIN is IRS Form SS-4, which can be filed online or by phone at no charge to the applicant. 

Filing for an EIN through any online service other than the IRS can lead to one of two outcomes: either a company is charged an unnecessary fee via a third party for what is a fairly straightforward process, or worse, the applicant provides sensitive information about their business that can leave them open to multiple kinds of fraud. 

Ransomware: While many of these tax-season scams have been in circulation in one form or another for years, ransomware is a relative newcomer. Hackers are infecting tax preparers with malware that encrypts their data (and that of their customers) until a hefty ransom is paid--if they’re lucky.

“We have seen in the wider cyber ecosystem instances where a ransom is paid, the files are released, but the data has also been stolen by the hackers who use the information to file false returns,” says Levin. 

Hackers may also use the time during which the files are encrypted to file tax returns.