Jump to Navigation

ASK THE EDD ATTORNEY – TAX PROFESSIONALS –EXTRA! EXTRA! READ ALL ABOUT THE NEW IRS WARNINGS! PART 1

By Robert S. Schriebman

2017

Introduction

The IRS and the FBI have come out with a series of warnings to tax professionals as well as corporate personnel involved in payroll functions. Between the months of July through September both the IRS and the EDD will be sending out approximately 10 separate press releases warning of new scams that involve the stealing of employee ID information and other payroll information, as well as confidential data in client files. The IRS and FBI effort is known as "Don't' Take The Bait Campaign."

In this Part 1, I will discuss the first several warning notices and the creative scams being implemented by cyber crooks. In Part 2, I will set forth the suggestions offered by both the IRS and the FBI on how to protect yourself and your clients.

FBI Concerns And Scope of the Problem

There has been such a dramatic increase in payroll related cyber attacks that the FBI has taken to publishing warnings and joining forces with the IRS. The year 2017 showed an increase of 1300% in identified losses with more than $3 billion in wire transfers since early 2015. These scams are not merely confined to our borders but are international in scope. For example, cyber crooks will try to impersonate corporate executives, target payroll, and trick employees to transfer funds into special accounts.

In our community we have a high end market chain specializing in exotic food products. My friend who is in charge of wine and liquor told me that a stranger came into the market representing that he was an executive from headquarters and requested a disc containing the names and payroll information of workers. The payroll manager complied with his request and many employee identities and W2 information walked out the door.

In 2016 the scammers were using business email compromised tactics to obtain employee W2 information. The cyber crooks immediately began filing fraudulent tax returns that mirrored the actual income received by the employees making the fraud more difficult to detect.

2017 has seen public schools, universities, and non-profits victimized by the W2 scam increase to 200 from 50 in 2016. Several hundred employees had their sensitive data stolen. The criminals requested and received both W2 information and wire transfers.

The Cyber Black Market

W2 forms contain a lot of information, such as, employees' names, addresses, Social Security numbers, incomes and withholdings. This information was used not only to file fraudulent tax returns but was also posted for sale on the Dark Net, where criminals seek to profit from these thefts.

Ransonware

Ransomware is a type of virus that infects computers, networks, and servers and locks data. Cyber crooks then demand a ransom to release the data. Businesses and tax professionals are unaware of the infection in their systems until they receive a ransom request. In May 2017, a ransomware attack known as "Wanna Cry" targeted users who failed to install updates to their Microsoft Windows security system or were using pirated versions of the operating system. Within one day cyber criminals held for ransom data on 230,000 computers in 150 countries!

Tax Professionals' Account Takeovers

On July 19, 2017, the IRS published IR 2017-120 concerning phishing scams and account takeovers involving tax professionals. Account takeovers occur when cyber crooks manage to steal or guess the user name and password of a tax professional enabling access to their computers and their online accounts. Armed with this data it is easy to access a tax professional's IRS e-Services account to steal their Electronic Filing Identification Number (EFIN) or access tax-pro software accounts to obtain critical taxpayer information.

How do account takeovers work? These cyber thieves are smart and they do their homework. They visit websites and social media for clues about tax preparers email addresses and business activities. They pose as a familiar organization for example, IRS e-Services or a private sector tax software provider. They may even pose as a fellow tax professional, a bank, or a cloud-based storage provider.

According to the IRS Press Release IR 2017-120, "Often, the email seems urgent with descriptions like: 'Avoid Account Shutdown' or 'Unlock Your Account Now.' The email includes a disguised link that may take users to a page that looks like the login pages for IRS e-services or a tax preparation software provider."

Cyber Crooks Make Good Use of Tax Professional Information

Once cyber crooks have stolen vital and confidential internal information, they can immediately access client accounts and steal Social Security numbers, and business EINs and EFINs. They will use this information to file fraudulent tax returns, obtain refunds, or sell the information to other cyber criminals. They may also use your power of attorney and CAF number to access your client's IRS and FTB account transcripts. They will reuse user names and passwords for multiple online accounts as well as create new and fraudulent accounts.

Somewhere hidden in all this is the dark specter of malpractice actions by upset clients.

Conclusion

In Part 2, I will set forth FBI and IRS recommendations of the ways tax professionals and payroll personnel can protect themselves from these cyber attacks. Some of the suggestions are common sense and others involve being pro active and continuously diligent.

***

Robert Schriebman has a successful practice in the Rolling Hills Estates area of Los Angeles County serving clients throughout California and the United States. He has successfully dedicated more than 40 years to helping individual taxpayers, business owners, CPAs, Enrolled Agents, and tax attorneys navigate the complicated tax systems of the federal and state governments.

Robert Schriebman has written the only 2 books ever published dealing with how California Employment Development Department (EDD) operates. See "California Tax Collection Practice and Procedures" and "California Taxation Practice and Procedure," both published by Commerce Clearing House.

Robert Schriebman has written over 20 books including the major manual used nationally by practitioners and the IRS, "IRS Tax Collection Procedures - A Manual for Practitioners" published by Commerce Clearing House.

Robert Schriebman has written over 20 books including the major manual used nationally by practitioners and the IRS, "IRS Tax Collection Procedures - A Manual for Practitioners" published by Commerce Clearing House in addition to the only 2 books ever published dealing with how California Employment Development Department (EDD) operates. See "California Tax Collection Practice and Procedures" and "California Taxation Practice and Procedure," both published by Commerce Clearing House.

Web Site Article 290