By The 2019 tax season is quickly approaching and with it an increase in identity theft and W-2 scams. Small business identity theft is big business for identity thieves. Just like individuals, businesses may have their identities stolen, and their sensitive information used to open credit card accounts or used to file fraudulent tax returns for bogus refunds.
Furthermore, employers also hold sensitive tax data on employees, such as Form W-2 data, which also is highly valued by identity thieves and often used to file fake tax returns. Therefore, it is important for small businesses to take some important steps to protect themselves and their employees.
Stolen Employer Identification Numbers (EINs) have long been used by identity thieves to create fake Forms W-2 that they would file with fraudulent individual tax returns. Fraudsters also use EINs to open new lines of credit or obtain credit cards and are now using company names and EINs to file fraudulent returns.
The fraudulent filings apply to partnerships as well as estate and trust forms and the IRS has identified an increase in the number of fraudulent Forms 1120, 1120S and 1041 as well as Schedules K-1.
Signs of Potential Identity Theft
Businesses, partnerships and estate and trust filers should contact the IRS if they experience any of the following:
- Extension to file requests are rejected because a return with the Employer Identification Number or Social Security number is already on file.
- An e-filed return is rejected because a duplicate EIN/SSN is already on file with the IRS.
- An unexpected receipt of a tax transcript or IRS notice that doesn’t correspond to anything submitted by the filer.
- Failure to receive expected and routine correspondence from the IRS because the thief has changed the address.
Be on Guard against W-2 scams
Both public and private sector employers are targets for these W-2 scams, which in recent years have become one of the more dangerous email scams for tax administration. These emails appear to be from an executive or organization leader to a payroll or human resources employee. It may start with a simple, “Hey, you in today?” and, by the end of the exchange, all of an organization’s Forms W-2 for their employees may be in the hands of cybercriminals—putting workers at risk for tax-related identity theft.
Because payroll officials believe they are corresponding with an executive, it may take weeks for someone to realize a data theft has occurred. Generally, the criminals are trying to quickly take advantage of their theft, sometimes filing fraudulent tax returns within a day or two.
This scam is such a threat to taxpayers that the IRS has established a special reporting process.
Reporting Fraud Schemes:
1. Email dataloss@irs.gov to notify the IRS of a W-2 data loss and provide contact information. In the subject line, type “W2 Data Loss” so that the email can be routed properly. Do not attach any employee personally identifiable information data.
2. Email the Federation of Tax Administrators at StateAlert@taxadmin.org to get information on how to report victim information to the states.
3. Businesses/payroll service providers should file a complaint with the FBI’s Internet Crime Complaint Center (IC3.gov). Businesses/payroll service providers may be asked to file a report with their local law enforcement agency.
4. Notify employees so they may take steps to protect themselves from identity theft. The Federal Trade Commission’s www.identitytheft.gov provides guidance on general steps employees should take.
5. Forward the scam email to phishing@irs.gov.
Steps Employers can take to Protect Sensitive Information
Employers are urged to put steps and protocols in place for the sharing of sensitive employee information such as Forms W-2. One example would be to have two people review any distribution of sensitive W-2 data or wire transfers. Another example would be to require a verbal confirmation before emailing W-2 data. Employers also are urged to educate their payroll or human resources departments about these scams.
Don’t hesitate to contact the office if you believe you were a victim of identity theft or any other tax scam. Help is just a phone call away.