Last week, the United States government rolled out its highly anticipated Economic Impact Payments (EIP) for qualifying taxpayers. Since the beginning of March, the $2 trillion stimulus package has been on the top of everyone’s mind, and scammers did not pass up the chance to profit off the announcement, deploying a range of scams to fool unsuspecting citizens.
A surge of phony calls, text messages and emails gravitating around the economic relief bill during the COVID-19 pandemic spread across the U.S., and now the Treasury Department is worried about the fraudulent activity preying on the EIP currently being distributed by the IRS.
“Scammers are looking for YOUR money,” The Treasury Department said in a recent tweet. “ Do your part and report #COVID19-related scams at http://tips.tigta.gov. Your report could protect your friends, family, and those you care about from falling victim to a scam.”
In their effort to fight fraud, the Virginia Coronavirus Fraud Task Force has also issued a warning, highlighting the dangers:
“We have reports of criminals attempting to use various phishing techniques, including text messages, emails, and letters delivered through the mail, all attempting to steal your personal information or swindle you out of your economic impact payment. Please be vigilant. Simply put: Hang up on robocalls, do not provide your personal identifying information to anyone, and always confirm you are accessing legitimate links from IRS.gov.”
Last Wednesday, the Treasury Department noted that most tax payers (80 million) who had filled out their direct deposit details with the IRS have already received their stimulus packages.
“For most Americans, the Economic Impact Payments will be directly deposited into their bank account. However, for those individuals who do not utilize direct deposit, and other groups who have traditionally received tax refunds via paper check, they will receive their economic impact payment as a hard check.”
However, not all Americans were required to file a tax return last year, and some might not even know if they are eligible in the first place. As a solution, the IRS set up the non-filers platform, where citizens can enter their payment information, and the Get My Payment website, to check the status of their stimulus package, or whether they are eligible for a payment.
The main issue with the Get My Payment platform stems from the fact that it asks for your Social Security number, birth date, first line of a physical address and a ZIP code. This information could already be in the hands of criminals.
Stop guessing what the internet knows about you. Find out with Bitdefender’s Digital Identity Protection.
The only ‘security layer’ it provides to the person filling out the form is the adjusted gross income from a 2019 or 2018 tax return, or a refund or debt amount from either one of the mentioned years – information that a cyber criminal would not likely possess.
However, let’s not forget that fraudsters are crafty, and they could easily send out a phishing email or call recipients asking for their information. While the platform does not allow on file bank account data to be changed, the service could easily be exploited, creating new means for identity theft.
In times of crisis, we become most vulnerable, and brushing up on fraudsters’ M.O. can protect you from becoming another victim. Scammers can play their part quite nicely, and fool unsuspecting citizens that rely so much on government aid. You can make a difference by following some simple rules and informing your loved ones:
• The IRS will not call you about your stimulus package – if your receive a phone call, simply hang up and report the fraud attempt
• The IRS will not send you an email with a link or an attachment about your EIP – if you have already filed your 2018-2019 tax report (and you are eligible), the payment has most likely already been deposited in your bank account. If this is not the case, the platforms set up by the IRS provide instructions on how you can receive your payment
• The IRS will not ask you for any personal information over the phone or email