With the tax season in full swing in the US, opportunistic cybercriminals and identity thieves have begun targeting taxpayers in a fresh new scam using fake refunds and scare tactics. Experts have warned that hackers are using sensitive client data stolen from online accounts at a number of tax preparation firms to file fake tax refunds.
The Internal Revenue Service then processes the return and directly deposits the money into the victim's bank account or sends a cheque via mail.
In this scheme, the cybercrooks then pose as debt collection agency officials and contact the victim claiming the money was "erroneously" deposited and demand they "return" the money immediately.
The taxpayer is also threatened with criminal fraud charges, an arrest warrant and a "blacklisting" of their Social Security number. However, if the taxpayer does decide to follow their instructions and "return" the money, the funds are simply directed to the scammers' own accounts.
Victims who receive the phoney refunds are also sent links to a web page that includes a fake case number, the amount and date of the transaction along with a list of "personal data reported by the IRS" to make it look official. The victim's full name, Social Security number, address, bank name, account number and bank routing number are also listed.
"All of these details no doubt are included to make the scheme look official; most recipients will never suspect that they received the bank transfer because their accounting firm got hacked," cybersecurity expert Brian Krebs wrote in a blog post. "The scammers even supposedly assign the recipients an individual 'appointed debt collector,' complete with a picture of the employee, her name, telephone number and email address."
The victims also receive a "transaction error correction letter" complete with an IRS letterhead that includes the customers' personal and financial details and instructions on how to transfer the "erroneously received" funds.
Elaine Dodd, executive vice president of the fraud division at the Oklahoma Bankers Association, told Krebs that a "good number of customers" at various banks suddenly had large amounts of money deposited into their accounts at the same time.
The IRS detected the scam by 1 February and has since issued multiple warnings about the "quickly growing" fake refunds scheme following hundreds of complaints from taxpayers. Authorities said thousands have already fallen victim to the scheme described as a "new twist on an old scam".
"Thieves are then using various tactics to reclaim the refund from the taxpayers, and their versions of the scam may continue to evolve," the IRS said, urging tax preparers to shore up their security practices.
Taxpayers who do receive fraudulent refunds have been advised to contact their banks and tax preparer immediately as they may need to close their account,
"Thieves know it is more difficult to identify and halt fraudulent tax returns when they are using real client data such as income, dependents, credits and deductions. Generally, criminals find alternative ways to get the fraudulent refunds delivered to themselves rather than the real taxpayers," the IRS said.