Skip to main content
IMA Tax Policy Blog

Tips for Protecting Your Business from Tax Scams

by David Holets and Kristy Rempalski

Crowe Horwath LLP is an IMA member.

The IRS has implemented new safeguards in its pursuit to reduce identity theft and tax scams. However, identity thieves increasingly are targeting business taxpayers. Following are tips for protecting your business.

Payroll/Human Resource Scam

The IRS has issued a number of warnings about a common scam targeting payroll and human resource personnel. The scam often starts with a thief who impersonates a leader within the company, such as the CEO. The thief often will send a simple email with a greeting like “Hey, you in today?” The email typically asks for a list of all employees and their W-2 forms and has used subject lines such as “review,” “manual review,” or “request.” In some cases, the thief might send a follow-up email asking for a wire transfer.
To prevent this type of fraud, companies should educate any personnel with access to confidential employee data about the dangers of responding to requests for employee information without confirming the sender’s identity and whether the sender is authorized to have access to the information. Companies also should consider implementing strict policies employees must follow before any employee information is released through email, even internally. The IRS has released a guide on what a company should do if it is concerned that employee W-2 forms or Social Security numbers (SSNs) have been compromised.

Email Phishing Attacks

Phishing attacks are used to steal taxpayer data. In these email schemes, criminals pose as a person or organization the taxpayer trusts or recognizes. Among other tactics, a “phisher” might send emails under another person’s name or might pose as a bank or government employee. The phisher often creates websites and sends emails that appear legitimate in order to gain access to taxpayer information. These attempts often suggest the taxpayer has a refund available or, conversely, owes a large sum of tax and is going to be prosecuted. The requests often ask for personal information such as SSN and might also ask for bank account or credit card information. The fraudulent emails and websites also might install malware, which tracks user activity, or ransomware, which locks up a user’s computer pending a ransom payment to the perpetrator.
Phishing emails often can be identified by poor or strange grammatical structures and by website links that, when hovered over, go to an address different from the one shown. Users should not click on any links in a suspect email. The IRS suggests that if a person receives an unsolicited email that appears to be from either the IRS or an organization closely linked to the IRS, such as the Electronic Federal Tax Payment System, the recipient should report the email by sending it to The IRS generally does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.

Recognizing Identity Theft Flags

The IRS published additional information and tips in its “Identity Theft Guide for Business, Partnerships and Estates and Trusts.” The IRS warns business taxpayers to contact the IRS if presented with any of the following signs of potential identity theft:

  • Rejected requests for filing extensions because a return with the same employer identification number (EIN) or SSN already is on file
  • Rejected e-filed returns because a duplicate EIN/SSN already is on file with the IRS
  • Unexpected tax transcript or IRS notice that doesn’t correspond to anything submitted by the filer
  • Missed expected and routine correspondence from the IRS (which could mean a thief has changed the address on record)


To view the original article, click here.