Your finance team always has to keep an eye out for fraud and tax scams – especially those impersonating IRS and other trusted authorities.
Fortunately, the Service recently released its annual list of “Dirty Dozen” tax scams to help educate your team on what top tactics criminals are using now, so they can keep private information and payment details under lock and key.
6 timely threats to share
While certain items on the list are more geared toward individuals, a good amount apply to businesses. Here are some of the scams IRS highlighted that could show up in Finance in 2020:
1. Phishing scams: The Service has seen a rise in phishing scams that use emails, letters, texts and links to trick people into disclosing personal and financial account information. (Phishing scams are a Dirty Dozen list-topper year after year. But it could help to give your team specifics and examples of the phishing scams criminals are using now.)
2. Fake charities: Criminals exploit situations like COVID-19, so you know your company should take heed before donating to any “charities.” Of course, scammers may use names similar to real charities to appear legitimate. A test: Real charities will provide their Employer Identification Number (EIN) if your team requests it.
3. Threatening phone calls: Remind your team to be wary of calls that aim to instill “fear and urgency.” IRS will never ask for immediate payment or financial information on the phone.
4. Social media scams: Are finance team members checking social media on breaks? They’ll want to look out for criminals who pose as family or friends and send them “interesting links” that are really just part of a scam.
5. Payroll and HR scams: Criminals also want to steal W-2 and other tax info. Right now, the most common scams are gift card scams and direct deposit scams. IRS has seen a variety of fake invoice schemes, too. (It could be beneficial to share this news with your HR team as well, in case they aren’t as familiar with how IRS would really reach out to them.)
6. Ransomware: These scams target “human and technical weaknesses” to infect computers, networks or servers. They often begins with a download, so encourage your team to stay alert for suspicious requests.