RS Repeats Warning about Phone Scams
IR-2014-81, Aug. 13, 2014
WASHINGTON — The Internal Revenue Service and the Treasury Inspector General for Tax Administration continue to hear from taxpayers who have received unsolicited calls from individuals demanding payment while fraudulently claiming to be from the IRS.
Based on the 90,000 complaints that TIGTA has received through its telephone hotline, to date, TIGTA has identified approximately 1,100 victims who have lost an estimated $5 million from these scams.
“There are clear warning signs about these scams, which continue at high levels throughout the nation,” said IRS Commissioner John Koskinen. “Taxpayers should remember their first contact with the IRS will not be a call from out of the blue, but through official correspondence sent through the mail. A big red flag for these scams are angry, threatening calls from people who say they are from the IRS and urging immediate payment. This is not how we operate. People should hang up immediately and contact TIGTA or the IRS.”
Additionally, it is important for taxpayers to know that the IRS:
- Never asks for credit card, debit card or prepaid card information over the telephone.
- Never insists that taxpayers use a specific payment method to pay tax obligations
- Never requests immediate payment over the telephone and will not take enforcement action immediately following a phone conversation. Taxpayers usually receive prior notification of IRS enforcement action involving IRS tax liens or levies.
Potential phone scam victims may be told that they owe money that must be paid immediately to the IRS or they are entitled to big refunds. When unsuccessful the first time, sometimes phone scammers call back trying a new strategy.
Other characteristics of these scams include:
- Scammers use fake names and IRS badge numbers. They generally use common names and surnames to identify themselves.
- Scammers may be able to recite the last four digits of a victim’s Social Security number.
- Scammers spoof the IRS toll-free number on caller ID to make it appear that it’s the IRS calling.
- Scammers sometimes send bogus IRS emails to some victims to support their bogus calls.
- Victims hear background noise of other calls being conducted to mimic a call site.
- After threatening victims with jail time or driver’s license revocation, scammers hang up and others soon call back pretending to be from the local police or DMV, and the caller ID supports their claim.
If you get a phone call from someone claiming to be from the IRS, here’s what you should do:
- If you know you owe taxes or you think you might owe taxes, call the IRS at 1.800.829.1040. The IRS employees at that line can help you with a payment issue, if there really is such an issue.
- If you know you don’t owe taxes or have no reason to think that you owe any taxes (for example, you’ve never received a bill or the caller made some bogus threats as described above), then call and report the incident to TIGTA at 1.800.366.4484.
- You can file a complaint using the FTC Complaint Assistant; choose “Other” and then “Imposter Scams.” If the complaint involves someone impersonating the IRS, include the words “IRS Telephone Scam” in the notes.
Taxpayers should be aware that there are other unrelated scams (such as a lottery sweepstakes) and solicitations (such as debt relief) that fraudulently claim to be from the IRS.
The IRS encourages taxpayers to be vigilant against phone and email scams that use the IRS as a lure. The IRS does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels. The IRS also does not ask for PINs, passwords or similar confidential access information for credit card, bank or other financial accounts. Recipients should not open any attachments or click on any links contained in the message. Instead, forward the email to firstname.lastname@example.org.
For more information or to report a scam, go to www.irs.gov and type “scam” in the search box.
More information on how to report phishing scams involving the IRS is available on the genuine IRS website, IRS.gov.
TAS Phishing Scam
The Internal Revenue Service has learned of a new phishing scam in which taxpayers receive emails purporting to be from the Taxpayer Advocate Service (and bearing the IRS logo). The email contains a bogus case number and says:
“Your reported 2013 income is flagged for review due to a document processing error. Your case has been forwarded to the Taxpayer Advocate Service for resolution assistance. To avoid delays in processing your 2013 filing contact the Taxpayer Advocate service for resolution assistance.”
The email contains a link where the recipient can find contact information for the “advocate” assigned to their case that solicits personal information such as the recipient’s legal name and contact information. There’s also a link to review “your reported income” that again solicits this kind of personal information.
If you believe you may have fallen victim to this type of scam and wish to report it, please file a complaint with the Internet Crime Complaint Center (IC3) www.ic3.gov.
‘Ransomware’ Locks Computers, Demands Payment
There is a new “drive-by” virus on the Internet, and it often carries a fake message—and fine—purportedly from the FBI.
“We’re getting inundated with complaints,” said Donna Gregory of the Internet Crime Complaint Center (IC3), referring to the virus known as Reveton ransomware, which is designed to extort money from its victims.
Reveton is described as drive-by malware because unlike many viruses—which activate when users open a file or attachment—this one can install itself when users simply click on a compromised website. Once infected, the victim’s computer immediately locks, and the monitor displays a screen stating there has been a violation of federal law.
The bogus message goes on to say that the user’s Internet address was identified by the FBI or the Department of Justice’s Computer Crime and Intellectual Property Section as having been associated with child pornography sites or other illegal online activity. To unlock their machines, users are required to pay a fine using a prepaid money card service.
“Some people have actually paid the so-called fine,” said the IC3’s Gregory, who oversees a team of cyber crime subject matter experts. (The IC3 was established in 2000 as a partnership between the FBI and the National White Collar Crime Center. It gives victims an easy way to report cyber crimes and provides law enforcement and regulatory agencies with a central referral system for complaints.)
“While browsing the Internet a window popped up with no way to close it,” one Reveton victim recently wrote to the IC3. “The window was labeled FBI and said I was in violation of one of the following: illegal use of downloaded media, under-age porn viewing, or computer-use negligence. It listed fines and penalties for each and directed me to pay $200 via a MoneyPak order. Instructions were given on how to load the card and make the payment. The page said if the demands were not met, criminal charges would be filed and my computer would remain locked on that screen.”
The Reveton virus, used by hackers in conjunction with Citadel malware—a software delivery platform that can disseminate various kinds of computer viruses—first came to the attention of the FBI in 2011. The IC3 issued a warning on its website in May 2012. Since that time, the virus has become more widespread in the United States and internationally. Some variants of Reveton can even turn on computer webcams and display the victim’s picture on the frozen screen.
“We are getting dozens of complaints every day,” Gregory said, noting that there is no easy fix if your computer becomes infected. “Unlike other viruses,” she explained, “Reveton freezes your computer and stops it in its tracks. And the average user will not be able to easily remove the malware.”
The IC3 suggests the following if you become a victim of the Reveton virus:
- Do not pay any money or provide any personal information.
- Contact a computer professional to remove Reveton and Citadel from your computer.
- Be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background. Certain types of malware have been known to capture personal information such as user names, passwords, and credit card numbers through embedded keystroke logging programs.
- File a complaint and look for updates about the Reveton virus on the IC3 website.
What Is ‘Phishing’?
Most likely you’ve seen them: e-mail messages asking you to verify personal information over the Internet.
The scam, popularly called ‘phishing,’ involves the use of replicas of existing Web pages to try and deceive you into entering personal, financial, or password data. Often suspects use urgency or scare tactics, such as threats to close accounts.
We here at The Bank of Fincastle will never ask you via e-mail to verify account information. We will never use e-mail to threaten account closure. Please know this, as one defense against phishing. Other safeguards to help protect you from phishing scams:
- Be suspicious of any e-mail messages that claim to be from us that use an urgent or scare-tactic alone.
- Do not respond to e-mail messages asking you to verify personal information.
- Delete suspicious e-mail messages without opening them. If you do open a suspicious e-mail message, do not open any attachments or click any links.
- Install and regularly update virus protection software.
- Keep your computer operating system and Web browser current.
If you see a suspicious looking e-mail message claiming to be from The Bank of Fincastle please let us know. We continually monitor such reports and act on them promptly. Additionally, also consider contacting the FBI’s Internet Fraud Complaint Center at www.ic3.gov.