As if tax season wasn’t stressful enough on its own, cyber criminals are devising new ways to trick us into tax scams, with severe consequences.
According to IRS data, tax scams spike in January and February and intensify through April. Last year, scammers targeted numerous business owners by misrepresenting the Employee Retention Credit (ERC), charging hefty fees for assistance with applications – even for a credit many victims didn’t qualify for. So many business owners were attacked that the IRS set up an ERC withdrawal program to help those who realized they had unknowingly submitted fraudulent claims.
Popular Tax-Time Scams
Tax scams are particularly tricky because no well-meaning taxpayer wants to make a mistake and get in trouble with the government. Scammers and cybercriminals prey on our fear of compliance issues by posing as legitimate tax agents, tax software providers, or even colleagues in financial departments, with urgent messages demanding payment or personal information.
While the tax deadline is a few months away, these scammers are likely already in your inbox.
Take a few minutes to read about these common tax-time scams and what you can do to prevent them.
Phishing and Smishing Scams
Scammers love pretending to be organizations like the CRA of or the IRS to get your personal information. They’ll send fake emails or texts promising refunds or threatening legal action, hoping you’ll click on their links or share sensitive details.
These scams don’t just target individuals – they often go after tax pros and businesses because those can give access to loads of valuable data.
How to prevent it: Never click on links or reply to unexpected messages claiming to be from the CRA or IRS. If something feels off, report suspicious emails, and always verify messages directly with these organizations through their official verified channels.
Online Account “Help”
Scammers may also target taxpayers by offering help setting up an online account. Their goal is to steal your personal tax and financial information, which they can then use for identity theft. These criminals may pretend to be “helpful” third parties, tricking you into handing over sensitive details, which they can use to file fake tax returns and steal refunds.
How to prevent it: Only create your online account directly through official channels, and avoid any unsolicited offers for third-party help. If someone reaches out offering to assist, it’s probably a scam.
Tax Credit Scams
In the US, the IRS is warning taxpayers about popular scams pushing Fuel Tax Credit claims, which are only available for off-highway business or farming use. Scammers will mislead you by fabricating documents or receipts for fuel to make false claims, often charging hefty fees in the process. While these scammers profit, you are left with the risk of facing IRS scrutiny and potential penalties.
How to prevent it: If you’re considering claiming a Fuel Tax Credit, make sure you’re eligible, as incorrectly claiming it could lead to serious consequences like fines or criminal charges. Always consult a qualified tax professional to ensure your claims are legitimate. It’s also important to consult with qualified professionals to avoid falling victim to similar scams in Canada.
You Know The Saying: If It Sounds Too Good To Be True, It Probably Is
Many of these scams are plastered all over the Internet, often with promises of tax savings that sound too good to be true. But the old saying still rings true: If something seems too good, it probably is. These schemes might look tempting, but they can land you in hot water with the IRS and lead to serious legal trouble. This year, make tax season a little less miserable by sticking to legitimate, proven methods. You can also check out the IRS Dirty Dozen list with details on all the common tax scams and tips on how to stay safe this tax season.
In Canada, the Get Cyber Safe initiative provides valuable information on common tax-related cyber scams and tips on how to stay safe: https://www.getcybersafe.gc.ca/en/protect-your-business-against-ransomware?
