Cyber criminals are hell-bent on scamming trusting consumers by targeting them with a bogus tax bill from the Affordable Care Act.
The fake IRS tax notice claims that consumers owe money to Uncle Sam for the previous tax year because of the ACA. These fake notices appear like authentic IRS CP2000 notices, which are sent if a taxpayer's income does not match what they reported on their return, according to the IRS.
"The IRS says many people have gotten the bogus notices," wrote Seena Gressin, an attorney with the Federal Trade Commission's division of consumer and business education.
This imposter scam stands out among other IRS ones, because it is linked to Obamacare and as the tax deadline looms closer, more scams will emerge. These fraudulent emails and social media messages have many telltale signs such as initiating contact by these means, which the IRS will never do, Gressin said.
Fraudsters will also ask their victims to pay their tax bill by sending them a prepaid debit card, gift card or wire transfer and ask for financial information through email, social media or texts. These scammers might also write threatening messages claiming to arrest or deport the taxpayer.
This current scam, the fake CP2000 notices often arrive as an attachment to an email and include a link to transfer money. Instead, these are fake websites which can steal your personal information and money and also infect your laptop or tablet with malware. The fraudsters will also ask for the check to be sent to the I.R.S. The authentic CP2000s ask for checks to be made out to the U.S. Treasury.
This scam provides a payment voucher identified as "LTR0105C" and asks for payments to be mailed to the "Austin Processing Center" in Texas. Fraudsters are creative and they could set up various seemingly authentic return addresses.
Taxpayers who are unsure if their email is from a fraudster, can see the authentic CP2000 notice on the IRS web page, "Understanding Your CP2000 Notice," she said.
Hackers are able to entice consumers easily, because the emails look very much like the authentic ones, said Joseph Carson, head of global strategic alliances at Thycotic, a Washington D.C.-based provider of privileged account management solutions.
"These scams arrive via email in your inbox at exactly the right time," he said. "All signs show that the email came from the IRS, it has your name on the email and the antivirus software did not detect anything, so it did not go to the spam filter. Therefore, it must be the real thing."
Conning taxpayers is not a diffult feat because too many people fail to recongize the obvious signs of a scam.
"Cyber hygiene today is so poor that most consumers do not know what to look for within the email to detect these email scams," Carson said.
Cyber criminals have determined these scams help them generate "easy money" and it becomes a profitable venture because "many of the victims are unable to tell the difference between a scam and the authentic notices," he said. "Cyber criminals use lack of good cyber hygiene, fear of breaking the law and financial penalties if unpaid as scare tactics which continue to prove effective."
In addition to using a good email spam filter, consumers should go directly to the government website if an email winds up in their inbox. Checking the sender's email address and not the display name will determine the authenticity rapidly. Another sign the email is from a fraudster is by checkign the hyperlink addresses by "hovering over them to see where they send you," Carson said.
The prevalance of these emails exist, because creating a phishing email is a relatively inexpensive process, and sending it to millions of email addresses is also trivial, said Nathan Wenzler, principal security architect at AsTech Consulting, a San Francisco-based security consulting company today as well.
"It doesn't take very many people to fall for the scam in order for it to be profitable," he said. "Most scammers are attempting to get personal information they can either collect and sell or are trying to get financial information, such as credit card account numbers they can use for themselves. Even as more people become aware, if a tiny fraction of the millions of targets still click on the links or respond with information, the scammers still make money and will continue leveraging these kinds of attacks."
Historically, Wenzler noted, it was easy to advise consumers how to identify these kind of email scams, as they were riddled with spelling and grammar errors, had incorrect information, used blatantly fake email addresses, or had many other kinds of tells that made it clear it did not come from the original source.
"However, over time, the scammers have gotten more sophisticated, much like we're seeing in this case with the IRS CP2000 notices," he added. "The current wave of phishing emails are designed to look exactly like they come from the actual organization the claim to be from, which makes it very hard for most people to identify when the email is a scam or not."
Scammers often follow current news events because they are aware that the public finds these issues interesting and can lure consumers in easily.
"An election of a new national figure is no exception to these types of headlines, especially when the possibility of new or changed legislation exists," said Joram Borenstein, a vice president of marketing of NICE Actimize, a New York-based financial crimes software solutions provider. "When the legislation has a direct consumer touchpoint that involves personal and sensitive financial and/or healthcare information, we should expect cyber criminals to attempt to exploit this situation by confusing clients with spam and social engineering."