Cyberattacks continue to rise for businesses. And Finance is one of the most common targets for crooks. IRS and its Security Summit, a group of tax pros, is reminding companies to remain vigilant this year-end and watch for fraud schemes.
With all the hustle and bustle of year-end prep, your Finance team may not be on the lookout for scams that can compromise company credit card information or lead to identity theft of the business or its employees.
Make sure you remind them of the top things they should be mindful of when responding to emails or accessing confidential info.
Preventing scams
Fraud schemes related to COVID-19 are still prevalent, IRS says. They’re designed to trick employees into opening links or attachments under the assumption the message is about legitimate loans, relief money or tax payments.
Another scam that’s still plaguing Finance pros: the Form W-2 scam. The most common version involves criminals posing as you or another exec to get your Payroll team to send them your workers’ names and W-2s. Employees fall for this so often that IRS now has a special procedure for companies to report W-2 fraud schemes.
To prevent hassles, it’s important to remind Payroll to always double-check any emailed requests. Taking five minutes to pick up the phone or track down the sender can save hours of time and keep data secure.
In addition, it’s key to make sure IRS has the most up-to-date contact info with your employer identification number (EIN) application.
Most notably, you should have your current address and the name of the responsible party for any tax-related issues on file. That way, if any problems do arise, you’ll be notified ASAP.
It’s also important to work with IT to make sure that:
- important Finance files have backups
- computer security software updates automatically
- accounts, devices and systems all have strong passwords
- computers and devices are encrypted, and
- multifactor authentication is used.
What to do if a fraud scheme happens
If the worst does happen, and you suspect a thief has stolen confidential info and used it to falsely file with IRS, the Service says you should file Form 14039-B, Business Identity Theft Affidavit, immediately. This will help mitigate any problems caused by fraud schemes.
Businesses should complete Form 14039-B if:
- IRS has rejected an e-filed return because a return’s already on file for that tax period
- they receive a notice about a tax return they haven’t filed yet
- they’re notified that SSA’s received Forms W-2 that they haven’t filed, or
- a notice indicates a balance due with IRS they don’t owe.