Tag Archives: scam

Payroll Fraud Schemes Every Business Should Know

According to the Association of Certified Fraud Examiners, nearly 30 percent of businesses are victims of payroll malfeasance, with small businesses twice as likely to be affected as large businesses. Here are four scary payroll fraud schemes you need to know:

  • Ghost employees. A ghost employee does not exist anywhere except in your payroll system. Typically, someone with access to your payroll creates a fake employee and assigns direct deposit information to a dummy account so they can secretly transfer the money into their own bank account.
  • Time thieves. Time stealing happens when employees add more time to their timecard than they actually worked. Sometimes multiple employees will team up to clock each other in earlier than when they arrive or later than when they depart for the day.
  • Shape-shifting commissions. In an attempt to bump up a commission payment or attain a quota, sneaky sales employees may alter a sales contract to their benefit. A typical tactic used by a dishonest salesperson is to make a booked sale appear larger than it is and then slide a credit memo through the system in a later period. Companies with complicated commission calculations or weak controls in this area are the most vulnerable.
  • External swindlers. A popular scam, known as phishing, starts with a fraudster impersonating a company executive through email or over the phone asking an employee with access to payroll data to wire money or provide sensitive information. These imposters can make the correspondence look very real by using company logos, signatures and email addresses.

Tips to combat payroll fraud

Being aware of the threats is a start, but you also need to know how to stop them. Here are some tips to reduce your company’s payroll fraud risk:

  • Better internal controls. While most employees are trustworthy, giving too much control over your payroll to one person is not a good idea. Separating payroll duties and formalizing an approval process protects both your business and your employees.
  • Review payroll records. Designate someone outside of the payroll-processing department to periodically review the payroll records. Have them review names, pay rates and verify that the total payroll matches what was withdrawn from the business bank account.
  • Perform random internal audits. During an internal audit is when you can really get into the details to look for potential payroll fraud. You can do an in-depth review of the whole payroll system or select a random sample of dates and employees. Keep the timing of the audit under wraps to prevent giving someone the chance to cover up their misdeeds.

Managing your business payroll is a daunting task by itself, and actively protecting against fraud adds additional complexity.

How to avoid tax scams this year

As tax season rolls on, scams are picking up, hurting last-minute filers. And Microsoft is offering advice to help steer clear of them.

In February, there was an average of 300,000 phishing attempts per day across Microsoft’s browsers, the company said in an advisory. The company’s security experts expect these scams to grow as tax day approaches.

In the two weeks before the April 15 deadline, 20 to 25 percent of Americans file taxes, according to the Internal Revenue Service. And with about a month until the filing deadline, Microsoft is urging Windows 10 users to take the following steps to avoid tax scams.

Blocks with scam phrases

Passwords are not enough

“Don’t rely on passwords alone. When possible, always use multi-factor authentication,” Holly Stewart, Principal Research Lead for the Windows Defender Antivirus Research team at Microsoft, wrote in the note.

With multi-factor authentication, a user gets access to a feature or device only after providing two or more pieces of identification. So instead of just providing a password, a user is also asked to provide a temporary passcode and/or a biometric ID, like a fingerprint or face scan.

Newer Windows 10 laptops from manufacturers like Hewlett-Packard and Dell now often come with “Windows Hello” face ID or fingerprint ID or both. Microsoft also offers a Microsoft Authenticator app for managing account logins on other devices, including Apple and Google products.

Be very wary of email

The company also said that users should be suspicious of all links, especially when the email seems “off” or unexpected – like an email from your credit card company, or financial institution.

There are also preventative measures users can take, such as checking directly with the sender before opening or downloading an attachment, Microsoft added.

And tax-related URLs should be scrutinized too. For example, users should hover over links to make sure the URL goes to a legitimate website. If you’re not sure, rather than clicking on the link, bring up the tax site via a search engine and log in from there, Microsoft said.

And more wary of attachments

Attachments are notorious places for malware to get at your personal data. An email with a fake invoice from a tax preparation company is one of the top methods criminals use to trick people into opening a malicious attachment that could, in turn, execute malware on your computer, Microsoft said.

“We’ve seen PDFs that contain innocuous-looking links that lead to users accidentally downloading malicious software designed to steal their credentials,”  the company wrote in the advisory.

Keep software up-to-date

Lastly, users should keep their software current. If you’re running Windows 10, make sure it has the latest security and feature updates and you have virus protection running, such as Windows Defender Antivirus.

Source: Fox

Protecting Your Social Security Number

Very few things in life can create a higher degree of stress and hassle than having your Social Security Number (SSN) stolen. This is because, unlike other forms of ID, the SSN is virtually permanent. While most instances of SSN theft are outside your control, there are some things that you can do to minimize the risk of this ever happening to you.

Never carry your card. Place your SSN card in a safe place. That place is never your wallet or purse. Only take the card with you when you need it.

Know who needs it. As identity theft becomes more of a problem, there are fewer who really need to know your Social Security Number. Here is that list.

  • The government.The federal and state governments use this number to keep track of your earnings for retirement benefits and to ensure you pay proper taxes.
  • Your employer.The SSN is used to keep track of your wages and withholdings. It also is used to prove citizenship and to contribute to your Social Security and Medicare accounts.
  • Certain financial institutions.Your SSN is used by various financial institutions to prove citizenship, open bank accounts, provide loans, establish other forms of credit, and report on your credit history.

Know who really does not need it. Many other vendors may ask for your Social Security Number, but having it is not an essential requirement. The most common requests come from health care providers and insurance companies. But the request for your number may come from anyone who wishes to collect an unpaid bill. When asked on a form for your number, leave it blank. Challenge the provider if it is requested.

Destroy and distort. Shred any documents that have your SSN listed. When providing copies of your tax return to anyone, distort or cover your SSN. Remember your SSN is printed on the top of each page of Form 1040. If the government requests your SSN on a check payment, only place the last four digits on the check. Prefill the first five digits with X’s.

Keep your scammer alert on high. Never give out your SSN over the phone or via e-mail. Do not even confirm your SSN to someone who happens to read it back to you on the phone. If this happens to you, file a police report and report the theft to the IRS and Federal Trade Commission.

Proactively check for use. Periodically check your credit reports for potential use of your SSN. If suspicious activity is found, have the credit agencies place a fraud alert on your account. Remember, everyone is entitled to a free credit report once a year. You can obtain yours at www.annualcreditreport.com.

Replacing a stolen SSN is not only hard to do, it can create problems. You will need to re-establish your credit history, reassign your SSN benefits history, and realign your tax records. Your best defense is to stop the theft before it happens.

The College Student Tax Scam

School is well under way and the IRS has reminded us to pay attention to a new scam that is targeting students and their parents. Here is what you need to know.

  • The scam – Callers will contact your student and demand payment of an unpaid Student Tax. This tax does not exist. The contact is typically via phone call, but can take the form of a realistic looking email.
  • It will seem real – The caller will say they are from the IRS. They will have your student’s name and some of their personal information stolen from another source. There may be a caller ID displaying IRS. They will often call multiple times and may even threaten arrest.
  • Their goal – To get your unwary student (or you – the unwary parent) to provide them with payment through a prepaid debit card, credit card, or other type of gift card.
  • What to do – If this happens to you, hang up. If they call back, do not answer. Make sure your students are aware that this may happen and they should inform you immediately of the call. Remember, the IRS NEVER initiates a tax question with a phone call or email. You can also report the scam to the Treasury Inspector General for Tax Administration: IRS Impersonation Scam Reporting Form

 Your data must be stolen

Should this scam occur, one thing is certain. Personal data has been stolen. If you receive this scam call, you may be targeted for other scams. So be alert and consider reviewing your credit reports to ensure someone is not trying to access your identity in other ways.

IRS Warns of Possible Scams Relating to Orlando Mass-Shooting

The Internal Revenue Service issued a consumer alert about possible fake charity scams emerging due to the mass-shooting in Orlando, Florida, and encouraged taxpayers to seek out recognized charitable groups.

When making donations to assist victims of this terrible tragedy, there are simple steps taxpayers can take to ensure their hard-earned money goes to legitimate charities. IRS.gov has the tools taxpayers need to quickly and easily check out the status of charitable organizations.

While there has been an enormous wave of support across the country for the victims and families of Orlando, it is common for scam artists to take advantage of this generosity by impersonating charities to get money or private information from well-meaning taxpayers. Such fraudulent schemes may involve contact by telephone, social media, email or in-person solicitations.

The IRS cautions donors to follow these tips:

  • Be sure to donate to recognized charities.
  • Be wary of charities with names that are similar to familiar or nationally known organizations. Some phony charities use names or websites that sound or look like those of respected, legitimate organizations. The IRS website at IRS.gov has a search feature, Exempt Organizations Select Check, through which people may find qualified charities; donations to these charities may be tax-deductible.
  • Don’t give out personal financial information — such as Social Security numbers or credit card and bank account numbers and passwords — to anyone who solicits a contribution. Scam artists may use this information to steal a donor’s identity and money.
  • Don’t give or send cash. For security and tax record purposes, contribute by check or credit card or another way that provides documentation of the gift.
  • Consult IRS Publication 526, Charitable Contributions, available on IRS.gov.   This free booklet describes the tax rules that apply to making tax-deductible donations. Among other things, it also provides complete details on what records to keep.

Taxpayers suspecting fraud by email should visit IRS.gov and search for the keywords “Report Phishing.”

More information about tax scams and schemes may be found at IRS.gov using the keywords “scams and schemes.”