Taxes Blog

Finance Blogs » Taxes » E-pay tax scam is back

E-pay tax scam is back

By Kay Bell · Bankrate.com
Tuesday, August 7, 2012
Posted: 3 pm ET

Tax con artists don't take summer vacations. Proof of that comes via a phishing attempt that's once again showing up in email boxes.

The email subject line reads "Your Federal Tax Payment ID: 0075234 is failed."

The body of the message goes on to "warn" the recipient that:

Your Federal Tax Payment ID: 637653220 has been rejected.

Return Reason Code R21 - The identification number used in the Company Identification Field is not valid. Please, check the information and refer to Code R21 to get details about your company payment in transaction contacts section:

report_824723.pdf.exe (self-extracting archive, Adobe PDF)

In other way forward information to your accountant adviser.

EFTPS: The Electronic Federal Tax Payment System

PLEASE NOTE: Your tax payment is due regardless of EFTPS online availability. In case of an emergency, you can always make your tax payment by calling the EFTPS.

The  first clue that this is not a real Internal Revenue Service message is its awkward syntax. Despite what else you think about the federal tax office, its employees can write above a third-grade level.

But the most obvious indicator the message isn't from the IRS is that the agency doesn't initiate contact with taxpayers via email. That's probably the 80th gazillion time you've heard that, right? Unfortunately, some people still aren't listening and become tax scam victims.

My blogging colleague Barbara Whelehan received this alert at her work email, not the address she'd likely use for any personal tax communications. And she doesn't use EFTPS.

So those anomalies, plus Barbara's own scam radar, meant she wasn't alarmed a tax payment had gone astray. Others, however, might be -- and that's what the phishers are counting on.

They especially want you to be scared enough about a missed tax payment that you click on the link to a purported PDF that's included in the message.

You can be sure that link either goes to a fake website or installs some malware on your computer. Either way, the goal is to steal your personal and tax information so the criminal at the other end of the message can ruin your financial (and personal) life.

You are not alone in being a target. The IRS says it detected nearly 1 million fraudulent returns related to identity theft and prevented $6.5 billion in fraudulent refunds during the 2011 filing season. A recent investigation by the Treasury Inspector General for Tax Administration, however, identified an additional 1.5 million undetected fraudulent returns processed that year that could cost the U.S. Treasury as much as $5.2 billion in refunds.

This particular scam using the Electronic Federal Tax Payment System, or EFTPS, as a hook has been around since 2008. Phishing criminals tried it again in 2010. And the IRS warned in late May that it was reappearing.

If you get it, don't be concerned. Don't click on any link in the email. Before you delete it, forward the scam email to the Internal Revenue Service at Phishing@irs.gov.

And if by some weird coincidence you really did make a recent tax payment via EFTPS, call the IRS to check on your account. An IRS representative is at the toll-free (800) 829-1040 number every Monday through Friday from 7 a.m. until 7 p.m. your local time.

Want the latest tax news, tax alerts and tax-saving tips? Subscribe to Bankrate's free Weekly Tax Tip newsletter.

You also can follow me on Twitter @taxtweet.

«
»
Bankrate wants to hear from you and encourages comments. We ask that you stay on topic, respect other people's opinions, and avoid profanity, offensive statements, and illegal content. Please keep in mind that we reserve the right to (but are not obligated to) edit or delete your comments. Please avoid posting private or confidential information, and also keep in mind that anything you post may be disclosed, published, transmitted or reused.

By submitting a post, you agree to be bound by Bankrate's terms of use. Please refer to Bankrate's privacy policy for more information regarding Bankrate's privacy practices.