Get started with a FREE Consultation

408-942-6888

Your Partners for Success Since 1977

IRS Highlights Increased Risk of Scams During Holiday Season

By Christopher Wood, CPP, Checkpoint 

As the holiday season approaches, the IRS and its Security Summit partners issued a timely warning to taxpayers, with a special emphasis on employers and payroll professionals, about the increased risk of scams and identity theft. This alert comes as part of the ninth annual National Tax Security Awareness Week, highlighting the need for vigilance in protecting sensitive personal and financial information. ( IR 2024-300 , 12/2/2024)

IRS Commissioner Danny Werfel emphasized the heightened risks during this period, stating, “The holiday shopping season and the fast-approaching tax season create a tempting target for identity thieves and scam artists.” He urged taxpayers to exercise extra caution to safeguard their confidential information and reduce the risk of identity theft in the upcoming filing season.

Of particular concern for employers and payroll professionals are sophisticated phishing schemes targeting those with access to sensitive employee data. The IRS has identified several types of phishing attacks that pose significant threats:

  • Spear phishing:  These targeted attacks aim at specific individuals within an organization, often crafting realistic “lure” emails to trick recipients into divulging sensitive information.
  • Whaling:  Similar to spear phishing, these attacks specifically target executives and leaders with access to large amounts of organizational data. Payroll offices, human resource personnel, and financial offices are particularly vulnerable to such attacks.
  • Clone phishing:  This newer tactic involves scammers cloning legitimate emails and resending them with malicious attachments or links designed to steal information.

To protect against these threats, the IRS recommends several security measures for employers and payroll professionals:

  • Ensure all computer systems have up-to-date security software with anti-malware features and enabled firewalls.
  • Use strong, unique passwords for all online accounts and implement multi-factor authentication wherever possible.
  • Be cautious when clicking on links or downloading attachments, especially from unexpected emails or messages.
  • Educate employees about the risks of sharing sensitive information and the importance of verifying requests for data.
  • Regularly review and update data security protocols to address emerging threats.

The IRS also advises taxpayers to be wary of unsolicited communications claiming to be from the IRS or other tax industry entities, particularly those offering unexpected good news like tax refunds or requesting immediate action on tax bills.

For those who suspect their personal information has been compromised, the IRS recommends considering filing Form 14039, Identity Theft Affidavit. This can be done online or by completing and mailing or faxing the paper form to the IRS.

As part of National Tax Security Awareness Week, the IRS and Federal Trade Commission will host a webinar on December 3, 2024, at 11:00 a.m. ET, focusing on scams, tax-related identity theft, and Identity Protection PINs. Interested parties can register through the IRS website.

© 2024 Thomson Reuters/Tax & Accounting. All Rights Reserved.

Office Location

Crawford Pimentel
Certified Public Accountants
1550 The Alameda #211
San Jose, CA 95126
Phone: (408) 942-6888
Fax: (408) 942-0194
Contact Us
Google Analytics Alternative