Albany, NY - February 17, 2017 - Governor Andrew M. Cuomo today warned New York tax preparers and human resources professionals of new scams aimed at stealing confidential client and employee information after the New York State Tax Department identified at least 37 companies in New York City, the Capital Region, Central New York and Western New York that have been impacted, affecting thousands of taxpayers.
"As technology continues to advance, cyber thieves and scammers are using more and more sophisticated methods to try and steal personal information to defraud hardworking New Yorkers," Governor Cuomo said. "There must be zero tolerance for these schemes and I encourage everyone – especially those in these fields – to remain vigilant and immediately report any suspicious inquiries to state and local authorities."
Acting Commissioner of the New York State Department of Taxation and Finance Nonie Manion said, "Now that the income tax filing season is underway, criminals are eager to file bogus claims for tax refunds using stolen personal information. It’s critical that anyone handling someone’s personal information remain mindful of common scam techniques to avoid becoming victims."
Governor Cuomo warned New Yorkers of several scams emerging this tax season, including the following:
Scammers Renew Scheme Targeting Payroll and HR Professionals
Cybercriminals posing as company executives are emailing payroll and HR professionals to request lists of employees and their personal information. This time, the scammers are expanding their reach to other industries, including school districts, tribal organizations, and nonprofits.
These emails may appear legitimate because they contain the name of the company’s chief executive officer. However, if you receive such an email, don’t include any payroll data, such as W-2 forms and Social Security numbers, in a response.
The Tax Department is aware of at least 37 businesses with New York employees that have fallen for this scam and believes more than 5,000 Social Security numbers may have been compromised. The Tax Department is in contact with those businesses and is working with them to protect their employees.
If you’re an employer that has been a victim of this scam and, in response, released any payroll data, such as W-2 information and Social Security numbers, see Guidance for employers affected by a W-2 phishing scam for instructions.
Spear-Phishing Scheme Targeting Practitioners
This scheme is present throughout the tax practitioner community. It’s committed by scammers who represent themselves as Fastsupport.com or Onlyforsupport.com. They’re contacting practitioners after they’ve identified which IRS-authorized e-file provider, or Electronic Return Originator, the practitioner uses to transmit returns.
The caller, falsely claiming to work on behalf of the ERO, suggests the need to reinstall or correct problems with the practitioner’s software. The caller asks the practitioner to connect to their website and provide the passcode and access to the practitioner's computer. If the practitioner complies, the scam artist can steal sensitive client information to commit fraud.
An ERO is an e-file provider authorized by the IRS to submit tax returns for processing.
Cybercriminals Pose as Clients to Solicit Services from Tax Professionals
In a nationwide phishing scheme, scammers are targeting tax professionals to obtain their preparer information and prepare fraudulent returns. These scammers typically send tax professionals two emails: in the first, a “client” requests tax preparation assistance; in the second, scammers provide a link or attach a PDF that contains a link that allows them to steal the tax preparer’s email address and password.
If you receive a suspicious email, such as one from an unknown sender, don’t select any links or open any attachments contained in the email. This is the scammer’s entry into your computer, exposing you to malware. This could allow the cybercriminal to capture sensitive information without you even knowing that you’ve been compromised.
Phishing Email with the Subject Line “Mails on Hold!” Targets Tax Professionals
Some tax professionals have received emails that appear to be from the IRS or the IRS e-Services team with the subject line “Mails on Hold!” These emails may include references to IRS personnel or PTINs, but they aren’t from the IRS.
If you receive an email with this subject line, don’t select any links or open any attachments contained in these emails. Again, this could provide access into your computer, exposing you to malware and leaving private information vulnerable.
Protecting Yourself and Your Clients
Tax professionals must protect their clients’ personal information by only providing it to trusted sources such as the IRS and the NYS Tax Department. This includes shredding documents containing private data before discarding, and filing a client’s tax return early to reduce the timeframe an identity thief would have to claim a fraudulent tax refund using their information.
The NYS Tax Department and the IRS will never make threats over the phone and will never request personal or financial information by email.
Report It
If you’ve been contacted by a scammer posing as an IRS agent, you must contact the IRS. Learn how to report the incident here.
If you’ve been contacted by a con artist claiming to be from the New York State Tax Department, visit the Tax Department’s Report fraud, scams, and identity theft webpage to learn how to report it. The Tax Department promptly reviews each complaint and takes corrective action when appropriate.