Taxes & Security Together

What to do if you received an Identity Verification Letter

If you received an identity verification letter, your return has been flagged for verification.
Flagged returns must be verified before we can finish processing your refund.
You don't need to complete this process if you did not receive an identity verification letter.

How to verify your return

If your return is flagged, you will receive one of the following letters:

• Identity Verification Letter — This letter will ask you to complete the online verification process or send us the requested information.

• Address Verification Letter — This letter will ask you to send us the requested information by mail, fax, or electronic file transfer service. There is no online verification process.

Once you’ve successfully completed the necessary steps, we will process your refund. If any item entered or sent does not match our records, the verification will fail. Refunds will not be issued until your identity or address is verified.

Online Verification — Identity Verification Letters Only

Go to the Montana Department of Revenue TransAction Portal (TAP). Click on the "Verify Return" link and follow the onscreen directions to verify that you or your preparer filed your return, or to report the filing as fraudulent.

You will need

• Your Tax Verification Code — This code may have been included with the identity verification letter the department sent you.

• Your Last Name as shown on the identity verification letter.

• The Refund Amount requested on your current year Montana individual income tax return (Form 2, line 74; Form 2EZ, line 21; Form 2EC, line 13)

Follow the link in your letter, and our website will give you the process instructions.

Respond By Mail — Address Or Identity Verification Letters

If you prefer to respond by mail, you must send the address or identity verification letter and two documents, one from each category.

Please mail copies; not original documents. Fax and electronic transfer options are also included below.

Category 1:

A document copy that has your photograph and full name, such as:

• Montana driver's license (current or expired less than one year)

• Driver's license from any other state (current)

• State identification card

• Passport

• Military identification

• Government issued photo identification

Category 2:

A document copy less than 3 months old with your full name and complete address matching those on your currently filed return, such as:

• Utility bill (gas, electric, cable, cell phone, etc.)

• Bank statement

• Payroll stub

• Tax bill

• Rental agreement (signed by landlord and renter)

• College or university transcript

• Insurance policy (vehicle, homeowners, renters, health, life)

• Credit card statement

Where do I send the documentation?

Send in your address or identity verification letter and copies of your documents to us using the information below:

Mail to:

Montana Department of Revenue

Attn: Verification Letter

P.O. Box 7149

Helena, MT 59604-7149

Fax to:

ATTN: Verification Letter

(406) 444-6642

Electronic File Transfer:

Our secure file transfer service, ePass Montana, is available at

We will not accept documents sent via email. Please do not send original documents since they will not be returned.

Frequently Asked Questions

Q. Why do I have to complete this process?

We want to prevent someone else from stealing your identity and tax refund by filing a false tax return in your name. This is one more measure we use to keep your information safe.

Q. How was I chosen?

Our system flags returns with factors indicating the possibility of identity fraud. When this happens, we require the taxpayer to prove their identity or verify their address before processing the refund.

Q. Can I complete the process if I didn’t get a letter?

No. Only those taxpayers who receive a letter can complete the process.

Q. Can someone else complete the process for me?

No. Only you, or your authorized third party, can complete this process. For taxpayers receiving an identity verification letter, we strongly encourage you to find a way to complete your verification online. However, if you are unable to complete your verification using the internet, you can mail us documentation to verify your identity.

Contact Us

If you have any questions, please contact Department of Revenue Customer Assistance:

 Identity Protection

Taxes & Security Together

Identity Protection

What To Do If You Are The Victim of Identity Theft

Contact the IRS

If a fraudulent state return has been filed using your information, it is probable that one has been filed at the federal level as well. Please contact the IRS Identity Protection Specialized Unit at 1 (800) 908-4490, or you may complete the IRS Identity Theft Affidavit, Form 14039. Follow the directions on the back of the form to submit the form to the IRS.

File a Police Report

File a report with law enforcement officials to help you with creditors who may want proof of the crime.

Review Your Credit Report

The law requires that major nationwide consumer reporting companies - Equifax, Experian and TransUnion - give you a free copy of your credit report each year.

Visit AnnualCreditReport.Com

Place a Fraud Alert

You can place a fraud alert on your credit report by contacting one of the three major credit bureaus:


Report to the Federal Trade Commission

Online at

By phone: 1 (877)ID-THEFT (1-877-438-4338

For more information, see the Federal Trade Commission's identity theft webpage at

Contact Your Financial Institutions

Reach out to your bank and other financial institutions such as credit card companies.

Ask if any of your accounts have been tampered with. For example, check to see if your address was changed or if new accounts have been created in your name.

IRS Identity Theft Resources


Taxes & Security Together

Reporting Suspected Fraud

We need your help to stop Tax Fraud

The Montana Department of Revenue is committed to the fair administration of the tax laws of this state. This means taxpayers should pay no more and no less than they owe the state of Montana. We recognize that most taxpayers are honest and seek to pay their fair share for the services they receive from the state. Unfortunately, we know there are individuals and businesses that evade paying taxes that they owe. This is fraud and it is illegal. We need you to help us find and stop this activity.

Form STFIR - Contact us anonymously by completing this information referral form.

How Do I Report Suspected Tax Fraud Activity?


• Call us: (406) 444-6900
This call is confidential.  

• Fax your complaint to us at (406) 444-6642

• Contact us anonymously by completing Form STFIR Information Referral

• Write us at:

Montana Department of Revenue
Attention: Compliance Unit
PO Box 7149
Helena, MT 59604-7149

• OR visit us at:

125 N. Roberts, 3rd Floor
Helena, MT 59601

Note: Suspected cases of federal tax fraud should be reported to federal authorities.

What Information Should I Provide?

Please provide a description, with as specific details as possible, of the activities that you believe are fraudulent. This could include:

• The name and address of the person or business

• Individual/business address and phone number

• Marital status

• Spouse's name

• Alleged tax violation

• The date or time period of the potential fraud

• How you became aware of the alleged violation

• Asset information (vehicles, property, etc.)

• Copies of any documents relating to the activities you are reporting (this will be extremely helpful to the department in reviewing your complaint)

• Your contact information (optional)

Use Form STFIR Information Referral for providing the information listed above.

Examples of Tax Fraud

• Intentionally failing to file individual income tax returns.

• A self-employed individual intentionally failing to report all income received.

• Filing an individual income tax return and deliberately understating the amount of income that was earned during the tax year.

• Overstating the number of children or other dependents on an individual income tax return.

• Filing an individual income tax return claiming to be a resident of another state while residing in Montana.

• Making false or fraudulent claims for refunds.

• Failing to maintain records that show the true income and expenses of a business.

• Preparing documents, books, and records that intentionally understate the true income or overstate the expenses of a business.

• Operating a business without registering with the Montana Secretary of State or Department of Revenue.

• Payment of cash wages to employees for the purpose of avoiding Montana withholding tax.

• Opening and closing of new businesses to evade taxes.

• Operating a business using someone else’s name to avoid business and income taxes.

Difference Between Avoidance and Evasion

Tax Avoidance (Legal)

• Involves legal tax planning to minimize one’s tax liability.

• Reduces, avoids, or minimizes taxes by changing the nature of a transaction to comply with a tax exemption or exclusion. (Details of the transaction are disclosed.)

• Does not conceal or misrepresent.

• Shapes and preplans events to reduce or eliminate tax liability by taking advantage of favorable tax laws.

• Prepares documents showing the details of the transactions and reports the transactions.

Tax Evasion (Illegal)

• Involves deceit and deception, hiding the true nature or misrepresenting the facts to take advantage of a tax exemption or exclusion that doesn’t actually apply.

• Intentional concealment and misrepresentation.

• Structures events and transactions to hide the true nature of the transactions.

• Fails to prepare, conceals, alters, or destroys the documents that show the true details of the transactions.

How Does Tax Fraud Affect the Taxpayer?

When dishonest people fail to pay their fair share of taxes, it has a negative impact on businesses, consumers, and on the performance of vital state services. Tax fraud often leads to higher prices, possible tax increases, inadequately funded school systems, poor roads, bridges and infrastructure, and a reduction in other government supported programs. The burden of covering these shortages falls on honest taxpayers and the public in general.

What the Department of Revenue Will Do When the Information is Received

We will review the information you provide along with our records for the person or business in question. Any additional steps will be determined by the outcome of this review. We may contact you if additional information is needed for our investigation.

We cannot reveal any taxpayer’s information because of confidentiality laws, so we cannot tell you what steps were taken in reviewing the information you provided. We sincerely appreciate any information or tips that uncover tax fraud. We will also take every precaution within our control to protect the identity of anyone who provides information regarding potential tax fraud or underreporting of taxes.

We may also share information that is provided with the Internal Revenue Service.

Frequently Asked Questions

Q. Why Should I File a Suspected Tax Fraud Complaint?

Tax fraud hurts all of us. Tax fraud decreases the revenue available to fund essential state and local services. These services include funds for police and fire departments, highway improvements, libraries, schools, parks, hospitals, courts and more. Plus, fraud hurts the honest business owner.

Q. Is there a monetary reward for reporting suspected tax fraud?

No, there is no provision in Montana law or administrative rules that allows for a reward to be paid for reporting tax fraud.

However, although there is no monetary reward available for this specific purpose, the individuals who supply the information can receive a great deal of satisfaction knowing that they did their part in ensuring that all taxpayers in Montana pay their fair share of taxes and knowing that those who don’t pay will be held accountable.

Q. Will I be Updated on the Status of my Complaint?

No. Because of confidentiality requirements, we cannot divulge to you the results of any pending investigation at any time. But please understand, we investigate every tip or report we receive.

Q. Can I report suspected tax fraud and remain anonymous?

Yes. If you wish to remain anonymous you should not give us your name or identifying information during the interview or when sending information. We will investigate all complaints, whether anonymous or not. We treat any information you provide as confidential unless compelled by law to do otherwise.


Taxes & Security Together

Identity Theft and Fraud Prevention News Alerts

Press Releases and News Events related to the department's efforts against fraud and identity theft.

SAVA Cancels Nov. 14 Meeting

The legislature's State Administration and Veterans' Affairs Interim Committee has canceled its November 14 meeting. SAVA's next meeting will be January 18.

Thursday, November 9, 2017/Author: Petersen, Molly/Number of views (347)/Comments (0)/
Categories: Legislative Branch

SAVA to Begin Tackling Problem of Aging Voting Systems on Sept. 14

The voting machines that help disabled electors mark their ballots and the optical scan systems that tabulate election results are aging. What systems should be purchased to replace these aging machines and how to pay for them is a priority concern of county election administrators. The legislature's State Administration and Veterans' Affairs Interim Committee will begin tackling this issue at a meeting in Helena on September 14.

Tuesday, September 5, 2017/Author: Petersen, Molly/Number of views (410)/Comments (0)/
Categories: Legislative Branch

SAVA Elects Officers, Sketches Out Interim Plans

This release was corrected on September 5. The last sentence of the second bullet was deleted because it was inaccurate. 

Wednesday, August 30, 2017/Author: Petersen, Molly/Number of views (412)/Comments (0)/
Categories: Legislative Branch

Legislators to Examine Veteran Suicide Prevention and Requiring Websites to Post Privacy Policies

The State Administration and Veterans’ Affairs Interim Committee is meeting in Helena on June 8 to examine several public policy issues.

Tuesday, June 7, 2016/Author: cl0165 state/Number of views (1277)/Comments (0)/
Categories: Legislative Branch

The State Administration and Veterans' Affairs Interim Committee to Meet on April 19

The State Administration and Veterans' Affairs Interim Committee has a full agenda for its upcoming meeting on April 19. The meeting will begin at 8:30 a.m. in Room 102 of the Capitol.

Friday, April 15, 2016/Author: cl0165 state/Number of views (1201)/Comments (0)/
Categories: Legislative Branch
 Recent Scams

Taxes & Security Together

Scam Alerts

For a complete list of Consumer Scams in Montana, see the Office of Consumer Protection Consumer Alert and Scam Alerts.

October 10, 2017

The IRS today warned all e-Services users to beware a new phishing scam that tries to trick tax professionals into “signing” a new e-Services user agreement. The phishing scam seeks to steal passwords and data.

All tax professionals should be aware that as e-Services begins its move later this month to Secure Access authentication and its two-factor protections, cybercriminals likely will make last-ditch efforts to steal passwords and data prior to the transition. Don’t take the bait!

The scam email claims to be from “e-Services Registration” and uses “Important Update about Your e-Services Account” in the subject line. It states, in part, “We are rolling out a new user agreement and all registered users must accept its revised terms to have access to e-Services and its products.” It asks you to review and accept the agreement but takes you to a fake site instead.

If you have clicked onto this link, you should perform a deep scan with your security software, contact your office’s IT/cybersecurity personnel and contact the IRS e-Help Desk.

To read more about what the IRS is doing to protect your accounts with Secure Access authentication, go directly to the main e-Services landing page on

IRS Security Summit

The Internal Revenue System has joined with representatives of the software industry, tax preparation firms, payroll and tax financial product processors and state tax administrators to combat identity theft and fraud to protect the nation's taxpayers.

You can learn more about how to protect yourself on the IRS Security Summit website.

Don't Take the Bait

Don't Take the Bait focuses on raising awareness of the critical need for tax professionals to incrase their computer security and be cautious when reviewing their inbox—specifically the successful email scams dubbed "spear fishing".

Learn more about Don't Take the Bait.

August 4, 2017

Security Summit Alert: Tax Pros Warned of New Scam to Steal Their Passwords

Washington—The Internal Revenue Service, state tax agencies and the tax industry today warned tax professionals to be alert to a new phishing email scam impersonating tax software providers and attempting to steal usernames and passwords.

This sophisticated scam yet again displays cybercriminals’ tax savvy and underscores the need for tax professionals to take strong security measures to protect their clients and protect their business. This is the time of year when many software providers issue software upgrades and when tax professionals are working to meet the Oct. 15 deadline for extension filers.

These types of phishing scams are why the IRS, state tax agencies and the tax industry, acting as the Security Summit, launched the 10-week Don’t Take the Bait campaign currently underway. This awareness effort highlights the many tactics of cybercriminals as well as the steps tax professionals can take to protect their clients and themselves.

This latest scam email variation comes with a subject line of “Software Support Update” and highlights an “Important Software System Upgrade.” It thanks recipients for continuing to trust the software provider to serve their tax preparation needs and mimics the software providers’ email templates.

The e-mail informs the recipients that due to a recent software upgrade, the preparer must revalidate their login credentials. It provides a link to a fictitious website that mirrors the software provider’s actual login page.

Instead of upgrading software, the tax professionals are providing their information to cybercriminals who use the stolen credentials to access the preparers’ accounts and to steal client information.

The Security Summit reminds tax professionals that software providers do not embed links into emails asking them to validate passwords. Also, tax professionals and taxpayers should never open a link or an attachment from a suspicious email.

Tax professionals can review additional tips to protect clients and themselves at Protect Your Clients, Protect Yourself on

Tax professionals who receive emails purportedly from their tax software providers seeking login credentials should send those scam emails to their tax software provider.

For Windows users, follow this process to help the investigation of these scam emails:

1. Use “Save As” to save the scam. Under “save as type” in the drop-down menu, select “plain text” and save to the desktop. Do not click on any links.

2. Open a new email and attach this saved email as a file.

3. Send a new email containing the attachment to the tax software provider, as well as a copy to

April 4, 2017

Taxpayers: Watch Out for Scam Calls

WASHINGTON—Starting this month, the Internal Revenue Service will begin sending letters to a relatively small group of taxpayers whose overdue federal tax accounts are being assigned to one of four private-sector collection agencies.

The new program, authorized under a federal law enacted by Congress in December 2015, enables these designated contractors to collect, on the government’s behalf, unpaid tax debts. Usually, these are unpaid individual tax obligations that are not currently being worked by IRS collection employees and often were assessed by the tax agency several years ago.

Taxpayers being assigned to a private firm would have had multiple contacts from the IRS in previous years and still have an unpaid tax bill.

“The IRS is taking steps throughout this effort to ensure that the private collection firms work responsibly and respect taxpayer rights,” said IRS Commissioner John Koskinen. “The IRS also urges taxpayers to be on the lookout for scammers who might use this program as a cover to trick people. In reality, those taxpayers whose accounts are assigned as part of the private collection effort know they have a tax debt.”

The program will begin this week with a few hundred taxpayers receiving mailings and subsequent phone calls, with the program growing to thousands a week later in the spring and summer. Taxpayers with overdue taxes will always receive multiple contacts, letters and phone calls, first from the IRS, not private debt collectors.

How the New Program Works

The IRS will always notify a taxpayer before transferring their account to a private collection agency (PCA). First, the IRS will send a letter to the taxpayer and their tax representative informing them that their account is being assigned to a PCA and giving the name and contact information for the PCA. This mailing will include a copy of Publication 4518, What You Can Expect When the IRS Assigns Your Account to a Private Collection Agency.

Only four private groups are participating in this program: CBE Group of Cedar Falls, Iowa; Conserve of Fairport, N.Y.; Performant of Livermore, Calif.; and Pioneer of Horseheads, N.Y. The taxpayer’s account will only be assigned to one of these agencies, never to all four. No other private group is authorized to represent the IRS.

Once the IRS letter is sent, the designated private firm will send its own letter to the taxpayer and their representative confirming the account transfer. To protect the taxpayer’s privacy and security, both the IRS letter and the collection firm’s letter will contain information that will help taxpayers identify the tax amount owed and assure taxpayers that future collection agency calls they may receive are legitimate.

The private collectors will be able to identify themselves as contractors of the IRS collecting taxes. Employees of these collection agencies must follow the provisions of the Fair Debt Collection Practices Act, and like IRS employees, must be courteous and must respect taxpayer rights.

The private firms are authorized to discuss payment options, including setting up payment agreements with taxpayers. But as with cases assigned to IRS employees, any tax payment must be made, either electronically or by check, to the IRS. A payment should never be sent to the private firm or anyone besides the IRS or the U.S. Treasury. Checks should only be made payable to the United States Treasury. To find out more about available payment options, visit

Private firms are not authorized to take enforcement actions against taxpayers. Only IRS employees can take these actions, such as filing a notice of Federal Tax Lien or issuing a levy. To learn more about the new private debt collection program, visit the Private Debt Collection page on

Watch out for Phone Scams

The IRS reminds taxpayers to be on the lookout for scammers posing as private collection firms. The IRS will be watching for these schemes as the collection program begins, and this effort will include working with partners in the tax community and law enforcement about emerging scams.

People should remember that these private collection firms will only be calling about a tax debt the person has had – and has been aware of – for years and had been contacted about previously in the past by the IRS.

“Here’s a simple rule to keep in mind. You won’t get a call from a private collection firm unless you have unpaid tax debts going back several years and you’ve already heard from the IRS multiple times,” Koskinen said. “The people included in the private collection program typically already know they have a tax issue. If you get a call from someone saying they’re from one of these groups and you’ve paid your taxes, that’s a sure sign of a scam.”

If taxpayers are unsure if they have an unpaid tax debt from a previous year – which is what the private collection firms will handle – they can go to and check their account balance: If the account balance says zero, that means nothing is due, and you typically wouldn’t be getting a contact from the IRS or the private firm.

Whether or not a taxpayer’s account is assigned to a private collection agency, the IRS warns taxpayers to beware of scammers pretending to be from the IRS or an IRS contractor. Here are some things the scammers often do but the IRS and its contractors will never do.

• Call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail a bill to any taxpayer who owes taxes, and if a case is assigned to a PCA, both the IRS and the authorized collection agency will send the taxpayer a letter. Payment will always be to the United States Treasury.

• Threaten to immediately bring in local police or other law-enforcement groups to have the taxpayer arrested for not paying.

• Demand that taxes be paid without giving the taxpayer the opportunity to question or appeal the amount owed.

• Ask for credit or debit card numbers over the phone.

“Unexpected and threatening calls out of the blue from someone saying they’re representing the IRS to collect a tax debt is a warning sign people should watch out for,” Koskinen said.

For more information, visit the “Tax Scams and Consumer Alerts” page on

Don’t Wait to Hear from the IRS or a Contractor

As always, the IRS encourages taxpayers behind on their tax obligations to come forward and either pay what they owe or set up a suitable payment plan. This means there’s no need to wait for a phone call or letter from the IRS or any of its contractors.

Frequently, taxpayers qualify for one of several payment options, and taking advantage of them is often easier than many people think. These include the following:

• Most people can set up a payment agreement with the IRS online in a matter of minutes. Those who owe $50,000 or less in combined tax, penalties and interest can use the Online Payment Agreement to set up a monthly payment agreement for up to 72 months. Taxpayers can choose this option even if they have not yet received a bill or notice from the IRS. With the Online Payment Agreement, no paperwork is required, there is no need to call, write or visit the IRS and qualified taxpayers can avoid the filing of a Notice of Federal Tax Lien if one was not previously filed. Alternatively, taxpayers can request a payment agreement by filing Form 9465. This form can be downloaded from and mailed along with a tax return, bill or notice.

• Some struggling taxpayers may qualify for an offer-in-compromise. This is an agreement between a taxpayer and the IRS that settles the taxpayer’s tax liabilities for less than the full amount owed. The IRS looks at the taxpayer’s income and assets to make a determination regarding the taxpayer’s ability to pay. To help determine eligibility, use the Offer in Compromise Pre-Qualifier, a free online tool available on

“If people have a problem paying their tax bill, we encourage them to reach out to us,” Koskinen said. “We have many programs designed to help people who are having trouble meeting their tax obligations. It’s better to reach out to us sooner rather than later for help, because interest and penalties on unpaid taxes can add up quickly.”

February 21, 2017

Security Summit Alert: Tax Professionals Warned of New Scam to “Unlock” Their Tax Software Accounts

WASHINGTON—The Internal Revenue Service, state tax agencies and the tax industry today warned tax professionals to be alert to a new phishing email scam impersonating software providers.

The scam email comes with the subject line, “Access Locked.” It tells recipients that access to their tax prep software accounts has been “suspended due to errors in your security details.” The scam email asks the tax professional to address the issue by using an “unlock” link provided in the email.

However, the link will take the tax professional to a fake web page, where they are asked to enter their user name and password. Instead of unlocking accounts, the tax professionals actually are inadvertently providing their information to cybercriminals who use the stolen credentials to access the preparers’ accounts and to steal client information.

The Security Summit partners, which includes the IRS, state tax agencies and the nation’s tax community, remind tax professionals and taxpayers to never open a link or an attachment from a suspicious email. These scams can increase during the tax season.

Tax professionals can review additional tips to protect clients and themselves at the Security Summit’s awareness campaign, Protect Your Clients, Protect Yourself, on

For tax professionals who receive emails purportedly from their tax software providers suggesting their accounts have been suspended, they should send those scam emails to their tax software provider. For Windows users, please this process to help the investigation of these scam emails:

1. Use “Save As” to save the scam. Under “save as type” in the drop down menu, select “plain text” and save to your desk top. Do not click on any links.

2. Open a new email and attach this saved email as a file

3. Send your new email containing the attachment your tax software provider, as well as copy

February 2, 2017

Dangerous W-2 Phishing Scam Evolving; Targeting Schools, Restaurants, Hospitals, Tribal Groups and Others

Washington – The Internal Revenue Service, state tax agencies and the tax industry issued an urgent alert today to all employers that the Form W-2 email phishing scam has evolved beyond the corporate world and is spreading to other sectors, including school districts, tribal organizations and nonprofits.

In a related development, the W-2 scammers are coupling their efforts to steal employee W-2 information with an older scheme on wire transfers that is victimizing some organizations twice.

“This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme,’’ said IRS Commissioner John Koskinen.

When employers report W-2 thefts immediately to the IRS, the agency can take steps to help protect employees from tax-related identity theft. The IRS, state tax agencies and the tax industry, working together as the Security Summit, have enacted numerous safeguards in 2016 and 2017 to identify fraudulent returns filed through scams like this. As the Summit partners make progress, cybercriminals need more data to mimic real tax returns.

Here’s how the scam works: Cybercriminals use various spoofing techniques to disguise an email to make it appear as if it is from an organization executive. The email is sent to an employee in the payroll or human resources departments, requesting a list of all employees and their Forms W-2. This scam is sometimes referred to as business email compromise (BEC) or business email spoofing (BES.)

The Security Summit partners urge all employers to be vigilant. The W-2 scam, which first appeared last year, is circulating earlier in the tax season and to a broader cross-section of organizations, including school districts, tribal casinos, chain restaurants, temporary staffing agencies, healthcare and shipping and freight. Those businesses that received the scam email last year also are reportedly receiving it again this year.

Security Summit partners warned of this scam’s reappearance last week but have seen an upswing in reports in recent days.

New Twist to W-2 Scam: Companies Also Being Asked to Wire Money

In the latest twist, the cybercriminal follows up with an “executive” email to the payroll or comptroller and asks that a wire transfer also be made to a certain account. Although not tax related, the wire transfer scam is being coupled with the W-2 scam email, and some companies have lost both employees’ W-2s and thousands of dollars due to wire transfers.

The IRS, states and tax industry urge all employers to share information with their payroll, finance and human resources employees about this W-2 and wire transfer scam. Employers should consider creating an internal policy, if one is lacking, on the distribution of employee W-2 information and conducting wire transfers.

Steps Employers Can Take If They See the W-2 Scam

Organizations receiving a W-2 scam email should forward it to and place “W2 Scam” in the subject line. Organizations that receive the scams or fall victim to them should file a complaint with the Internet Crime Complaint Center (IC3,) operated by the Federal Bureau of Investigation.

Employees whose Forms W-2 have been stolen should review the recommended actions by the Federal Trade Commission at or the IRS at

Employees should file a Form 14039, Identity Theft Affidavit, if the employee’s own tax return rejects because of a duplicate Social Security number or if instructed to do so by the IRS.

The W-2 scam is just one of several new variations that have appeared in the past year that focus on the large-scale thefts of sensitive tax information from tax preparers, businesses and payroll companies. Individual taxpayers also can be targets of phishing scams, but cybercriminals seem to have evolved their tactics to focus on mass data thefts.

Be Safe Online

In addition to avoiding email scams during the tax season, taxpayers and tax preparers should be leery of using search engines to find technical help with taxes or tax software. Selecting the wrong “tech support” link could lead to a loss of data or an infected computer.

Taxpayers searching for a paid tax professional for tax help can use the IRS Choosing a Tax Professional lookup tool or if taxpayers need free help can review the Free Tax Return Preparation Programs. Taxpayers searching for tax software can use Free File, which offers 12 brand-name products for free, at Taxpayer or tax preparers looking for tech support for their software products should go directly to the provider’s web page.

Tax professionals also should beware of ongoing scams related to IRS e-Services. Thieves are trying to use IRS efforts to make e-Services more secure to send emails asking e-Services users to update their accounts. Their objective is to steal e-Services users’ credentials to access these important services.

January 25, 2017

IRS, States and Tax Industry Renew Alert about Form W-2 Scam Targeting Payroll, Human Resource Departments

IR-2017-10, Jan. 25, 2017

WASHINGTON – The Internal Revenue Service, state tax agencies and the tax industry today renewed their warning about an email scam that uses a corporate officer’s name to request employee Forms W-2 from company payroll or human resources departments.

This week, the IRS already has received new notifications that the email scam is making its way across the nation for a second time. The IRS urges company payroll officials to double check any executive-level or unusual requests for lists of Forms W-2 or Social Security number.

The W-2 scam first appeared last year. Cybercriminals tricked payroll and human resource officials into disclosing employee names, SSNs and income information. The thieves then attempted to file fraudulent tax returns for tax refunds.

This phishing variation is known as a “spoofing” e-mail. It will contain, for example, the actual name of the company chief executive officer. In this variation, the “CEO” sends an email to a company payroll office or human resource employee and requests a list of employees and information including SSNs.

The following are some of the details that may be contained in the emails:

• Kindly send me the individual 2016 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.

• Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).

• I want you to send me the list of W-2 copy of employees wage and tax statement for 2016, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.

Working together in the Security Summit, the IRS, states and tax industry have made progress in their fight against tax-related identity theft, cybercriminals are using more sophisticated tactics to try to steal evn more data that will allow them to impersonate taxpayers.

The Security Summit supports a national taxpayer awareness campaign called “Taxes. Security. Together.” and a national tax professional awareness effort called “Protect Your Clients; Protect Yourself.” These campaigns offer simple tips that can help make data more secure.

August 19, 2016

IRS Warns of Back-to-School Scams

PHOENIX - - The Internal Revenue Service today warned taxpayers against telephone scammers targeting students and parents during the back-to-school season and demanding payments for non-existent taxes, such as the “Federal Student Tax.”

People should be on the lookout for IRS impersonators calling students and demanding that they wire money immediately to pay a fake “federal student tax.” If the person does not comply, the scammer becomes aggressive and threatens to report the student to the police to be arrested. As schools around the nation prepare to re-open, it is important for taxpayers to be particularly aware of this scheme going after students and parents.

“Although variations of the IRS impersonation scam continue year-round, they tend to peak when scammers find prime opportunities to strike”, said IRS Commissioner John Koskinen. “As students and parents enter the new school year, they should remain alert to bogus calls, including those demanding fake tax payments from students.”

The IRS encourages college and school communities to share this information so that students, parents and their families are aware of these scams.

Scammers are constantly identifying new tactics to carry out their crimes in new and unsuspecting ways. This year, the IRS has seen scammers use a variety of schemes to fool taxpayers into paying money or giving up personal information. Some of these include:

• Altering the caller ID on incoming phone calls in a “spoofing” attempt to make it seem like the IRS, the local police or another agency is calling

• Imitating software providers to trick tax professionals--IR-2016-103

• Demanding fake tax payments using iTunes gift cards--IR-2016-99

• Soliciting W-2 information from payroll and human resources professionals--IR-2016-34

• “Verifying” tax return information over the phone--IR-2016-40

• Pretending to be from the tax preparation industry--IR-2016-28

If you receive an unexpected call from someone claiming to be from the IRS, here are some of the telltale signs to help protect yourself.

The IRS Will Never:

• Call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail you a bill if you owe any taxes.

• Threaten to immediately bring in local police or other law-enforcement groups to have you arrested for not paying.

• Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.

• Ask for credit or debit card numbers over the phone.

If you get a suspicious phone call from someone claiming to be from the IRS and asking for money, here’s what you should do:

• Do not give out any information. Hang up immediately.

• Search the web for telephone numbers scammers leave in your voicemail asking you to call back. Some of the phone numbers may be published online and linked to criminal activity.

• Contact TIGTA to report the call. Use their “IRS Impersonation Scam Reporting” web page or call 800-366-4484.

• Report it to the Federal Trade Commission. Use the “FTC Complaint Assistant” on Please add “IRS Telephone Scam” in the notes.

• If you think you might owe taxes, call the IRS directly at 800-829-1040.

August 11, 2016

New Phishing Scheme Mimics Software Providers; Targets Tax Professionals

IR-2016-103, August 11, 2016

WASHINGTON — The Internal Revenue Service today alerted tax professionals to an emerging phishing email scam that pretends to be from tax software providers and tries to trick recipients into clicking on a bogus link.

The email scheme is the latest in a series of attempts by fraudsters to use the IRS or other tax issues as a cover to trick people into giving up sensitive information such as passwords, Social Security numbers or credit card numbers or to make unnecessary payments.

In the new scheme identified as part of the IRS Security Summit process, tax professionals are receiving emails pretending to be from tax software companies. The email scheme requests the recipient to download and install an important software update via a link included in the e-mail. 

Once a recipient clicks on the embedded link, they are directed to a website prompting them to download a file appearing to be an update of their software package.  The file has a naming convention that uses the actual name of their software followed by an “.exe extension.”

Upon completion, tax professionals believe they have downloaded a software update when in fact they have loaded a program designed to track the tax professional’s key strokes, which is a common tactic used by cyber thieves to steal login information, passwords, and other sensitive data. 

Although the IRS knows of only a handful of cases to date, tax professionals are encouraged to be on the lookout for these scams and never to click on unexpected links in emails. Similar email schemes using tax software names have targeted individual taxpayers.

The IRS recently launched a new campaign to raise awareness among tax professionals about security threats posed by identity theft issues targeting their industry. The Protect Your Clients; Protect Yourself campaign features an ongoing effort to urge tax professionals to step up their security protections and be aware they increasingly are targets of cybercriminals.

The IRS urges all tax preparers to take the following steps:

•     Be alert for phishing scams: do not click on links or open attachments contained in e-mails and always utilize a software provider’s main webpage for connecting to them.

•     Run a security “deep scan” to search for viruses and malware;

•     Strengthen passwords for both computer access and software access; make sure your password is a minimum of 8 digits long (more is better) with a mix of numbers, letters and special characters;

•     Educate all staff members about the dangers of phishing scams in the form of emails, texts and calls;

•    Review any software that your employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.

Tax professionals should review Publication 4557, Safeguarding Taxpayer Data, A Guide for Your Business, which provides a checklist to help safeguard taxpayer information and enhance office security.

Taxes & Security Together

Instructions for Requesting a Copy of a Fraudulent Montana Tax Return

A victim of identity theft or a person authorized to obtain the identity theft victim’s tax information may request a redacted copy (one with some information blacked-out) of a fraudulent return that was filed and accepted by the Montana Department of Revenue using the identity theft victim’s name and social security number. Due to privacy laws, the victim’s name and social security number must be listed as either the primary or secondary taxpayer on the fraudulent return; otherwise we cannot disclose the return information. For this reason, we cannot disclose the return information to any person listed only as a dependent.

Partial or full redaction will protect additional possible victims on the return. However, there will be enough data for you to determine how your personal information was used.

To make the request, you will need to complete Form RTI, Request for Copies of Tax Information. Check the “other” box and write “copy of fraudulent return” and the “tax year” in the space provided. Mail or fax the Form RTI and supporting documentation using the address or fax number provided on the form.

For instructions for requesting a copy of a fraudulent tax return filed for federal purposes, visit the IRS Instructions for Requesting a Copy of Fraudulent Returns.