‘Tis the Season for Tax Returns and Tax Scams

By Elizabeth A. Whitman

My violin was made in 1962 by a luthier[1] named Umberto Lanaro[2], but it bears the label of Eligio Puccini[3] and says it was made in 1947.

Lanaro chose in effect to use Puccini’s identity when making my violin, as Lanaro received no obvious benefit from doing so. Lanaro came from a well-known family of luthiers, and Puccini did not, so the Lanaro name, if anything, would have been more impressive than Puccini’s. Further, Puccini, who was 30 years older than Lanaro, made very few violins, and Lanaro was to become a much more prolific and famous luthier than Puccini ever was. Finally, Lanaro’s use of Puccini’s label was not secret – the well-known dealer from which I acquired my violin was well-aware of the situation, as was I when I purchased the violin.

Although it is a mystery why Lanaro used Puccini’s “identity” when he made labeled my violin, money and theft were clearly the motives when, two years ago, an unknown person used my name and social security number to file an income tax return seeking a hefty tax refund. That identity thief almost got away with the crime too, as the attempted theft was thwarted only when the electronic tax refund bounced, causing the IRS to send me a very large check for my “refund.”

Since I had not yet filed my tax return, I quickly returned the refund check. I did not lose any money because of this theft. However, in order to file a tax return (even one without a refund), I have to provide additional identification in the form of a random PIN chosen by the IRS and changed every year.

Common Tax Scams

My experience is not an uncommon one. As tax season once again approaches, the scammers are likely to be out in full force.

Therefore, it is important for individuals, businesses of all sizes, and even tax professionals, to be aware of the most common methods of identity theft and to guard against them. Here are a few of the ways identity thieves have committed fraud in the tax area:

Wire Instruction Change. In a previous blog, When it Looks Like a Stradivari Violin but Isn’t: Protecting Yourself from Wire Fraud in Your Real Estate Transaction, I shared how by hacking into title companies’ e-mail, fraudsters were able to trick buyers into wiring large sums of money to the hacker’s bank accounts, instead of into the title companies’ escrow accounts. In the tax field, hackers have similarly hacked into or spoofed taxpayers’ e-mail accounts and requested that tax preparers change the taxpayers’ returns so that legitimate refunds are wired into the hacker’s bank accounts.

Tax preparers and taxpayers alike should be caution about relying upon changes of key information, such as a bank account number, via e-mail. It is best to relay that information via another communication method, or at least to verify it via a phone call to the phone number in one’s records (i.e. not the phone number on the e-mail).

W-2 Scam. Another popular scam in the tax area by identity thieves involves a request for payroll information. Typically, a hacker will hack into or spoof the account of a company executive and write to human resources (HR) or payroll expressing a need for payroll information or W-2 forms.  If the unwitting HR or payroll employee complies, then confidential personal information for all of the company’s employees goes into the hands of the fraudster.  In addition to this providing names and social security numbers, which can be used for a myriad of identity theft schemes, the Form W-2 information can be used to file fraudulent tax returns, which may be more difficult for the IRS to detect as such.

Tax Collection Scams. There are a number of tax collection scams. Some of the most common include:

Fake Private Collection Company Fraudsters may call, claiming to be a collection company hired by the IRS and threatening serious consequences, such as arrest, deportation, or home foreclosure if a tax bill of which the taxpayer previous was unaware is not paid immediately. Although the IRS has, in some instances, sent a small number of long-overdue tax accounts to private collection companies, that only has occurred when the taxpayer should have been well aware of the tax debt for years.  Furthermore, though the IRS can foreclose on a tax lien or cause a passport revocation, threats of imminent arrest, deportation, or foreclosure without any right of appeal are signs that a call may not be legitimate.

Phone Calls Offering an Opportunity for Credit Card Payment of Taxes Over the Phone Fraudsters may call claiming to be the IRS and offer the ability to take a credit card payment over the phone. The fraudsters can be quite convincing and may even have a spoofed caller ID or know part of the taxpayer’s social security number. Although the IRS does now have a mechanism to accept credit card payments under some circumstances, those payments are not accepted over the phone.

E-Mails Purporting to be from the IRS A fraudster may ask a taxpayer to log into a supposed online tax account or to pay supposedly past due taxes online via credit card or e-check. The IRS nearly always will first contact taxpayers via US Mail.  The IRS does have the ability to accept some payments via credit card or e-check, but those should be accessed through the IRS’ website, rather than clicking on an e-mail link.

Phishing Scams may target tax professionals or taxpayers. Fraudsters may send an e-mail mimicking a tax software provider instructing the recipient to download a software “update,” which may be a keystroke tracker. Similar scams may instruct a taxpayer or tax professional to sign onto their tax software website. Once the fraudster has the login information, the fraudster can access tax information, including names, addresses, and social security numbers.

Fight Tax Scams

         Here are some things you can do to combat tax scams:

If you receive a phone call, do not give information to the caller. Instead, hang up and call the IRS’s general number at 1-800-829-1040. Legitimate IRS employees at that number should be available to help you determine if you truly have a tax problem.

Do not click on links in e-mails. Do not click on a link in an e-mail. Tax software providers nearly always provide the opportunity to download updates directly from their websites or though an option inside of the software installed on your computer. Use those in lieu of any links.

Do not provide credit card or bank account information to anyone who contacts you. If you want to make a tax payment, either mail a check or use the IRS’ online payment system, available on the IRS website, www.irs.gov (click on “Pay” on the landing page).

Immediately Report to the IRS any fraudulent use of your social security number to file a tax return. In my instance, I immediately called the IRS, reported the fraudulent check, and received information on where to return the check. I did not cash the check but instead returned it via a traceable delivery method. I also filed IRS Form 14039 to officially report compromise of my personal information to the IRS.

Report the theft to the Federal Trade Commission at www.identitytheft.gov and consider having a fraud alert placed on your credit report. If you lost money because of identity theft, you may also need to file a police report, particularly if you have insurance to cover the loss.

Change passwords for any accounts you believe may have been compromised, using complex passwords that would not be easy for a fraudster to guess. One approach is to use the first words of a sentence that is near and dear to you, but which will result in a password with lower case and capital letters and numbers. For instance, I might use “My violin was made by Umberto Lanaro in 1962” to create the password “MvwmbULi1962.”     

Close any bank accounts or credit card accounts you believe may have been compromised and open new accounts with different account numbers AND different online user names and passwords.

Unlike my violin’s luthier, the motives of the tax scammers are obvious; they want to collect money at the expense of unsuspecting taxpayers. The scammers are creative, and they take advantage of the natural pressure taxpayers and tax preparers experience as they prepare tax returns and make final tax payments. However, taxpayers and tax preparers can, with care, stay a step ahead of the scammers and prevent unlawful access to and use of their personal info.


[1]  Music Geek Fact: A “luthier” is an individual who makes or repairs string instruments. Although nowadays, luthiers typically work on violins, violas, and cellos, originally, luthiers made only lutes.  Thus, the term “luthier” is derived from the French word for lute, which is ”luth.”

[2]  Umberto Lanaro was born in 1930 and trained under his older brother, luthier Luigi Lanaro. Umberto mostly worked out of Padua, although he spent several years with his brother in Argentina in the 1950’s. Unlike many luthiers, including his brother Luigi (who worked from Stradivari models) Unberto Lanaro shunned copying the work of others and rarely entered violin-making competitions, instead relying on the quality of his work to sell his instruments. Lanaro is an innovative luthier, particularly known for his uniquely-carved fittings and his violas, but he also made violins and cellos.

[3]  Eligio Puccini was born in 1900 and worked as a luthier in Empoli, Italy from approximately 1925-1950. Despite his sharing his surname with the famous opera composer, Giacomo Puccini (who was born 42 years some 30 miles away in Lucca, Italy), Eligio Puccini’s work as a luthier was neither prolific nor particularly well-known.

© 2018 by Elizabeth A. Whitman

For more information, please contact Elizabeth A. Whitman at (301) 664-7713 or eawhitman@mirskylawgroup.com

Disclaimer: The content of this blog is intended for informational purposes only. It is not intended to solicit business or to provide legal advice. Laws differ by state and jurisdiction. The information on this blog may not apply to every reader. You should not take any legal action based upon the information contained on this blog without first seeking professional counsel. Your use of the blog does not create an attorney-client relationship between you and Mirsky Law Group, LLC or any of its attorneys.

When it Looks Like a Stradivari Violin but Isn’t: Protecting Yourself from Wire Fraud in Your Real Estate Transaction

Fine violins do not have serial numbers, but they do typically have a label inside identifying the maker and frequently the year and location where the violin was made. Many violin makers, or luthiers[i] as they are known, like to copy well-known instruments, sometimes even down to the label inside the instrument, and the most famous violin maker, Antonio Stradivari, is also the most frequently copied.

Usually, the luthiers do not try to pass their Stradivari copies off as originals.  Even if they were to try to do so, the instrument’s age and sound quality of the copies usually would fall far short of a Stradivari and give them away.

Where there is a question regarding the origin of an old violin, modern technology provides additional tools, such as chemical analysis of varnish and dating of the wood, which can further aid in distinguishing genuine violins from famous makers from copies. Yet, identification of old instruments remains as much art and conventional detective work as it does science.

Unfortunately, in the banking world, fakes may not be as easy to detect. Many title and escrow companies have started putting warnings on their e-mails, which read something like this:

Online banking fraud is on the rise. If you receive an email containing Wire Transfer Instructions call your escrow officer immediately to verify the information prior to sending funds.

The National Association of Realtors has recommended that its members include the following language on their e-mail signature lines:

IMPORTANT NOTICE: Never trust wiring instructions sent via email. Cyber criminals are hacking email accounts and sending emails with fake wiring instructions. These emails are convincing and sophisticated. Always independently confirm wiring instructions in person or via a telephone call to a trusted and verified phone number. Never wire money without double-checking that the wiring instructions are correct.

Unfortunately, computer hackers are increasingly targeting real estate investors and home buyers for wire fraud via phishing. Unlike the luthiers who make Stradivari copies, the hackers in the real estate transactions can create realistic communications which can fool even the discerning investor.

How Hackers Can Steal Your Money in a Real Estate Transaction

In August 2017, a Washington, DC couple filed a lawsuit against their title company, claiming either title company fraud or lack of adequate security measures. The couple received an e-mail appearing to be from the title company requesting a wire transfer for their closing.  Since the e-mail appeared legitimate, they wired more than $1.5 million.  When the title company said it did not receive the money, the couple had to come up with an additional $1.5 million to close on their home purchase.

It sounds like this couple and title company may have been the victims of an all-too-common hacking scheme, which has been occurring in real estate transactions in recent years.  Here is how the fraud is carried out:

A hacker gains access to the e-mail account for one of the parties of the transaction.  Real estate brokers and title and escrow companies are common targets, because they advertise their services and conduct many transactions.

The hacker monitors the e-mail relating to one or more transactions, gathering detailed information about the transaction only known to the parties to those transactions. The hacker may even participate in communications by sending spoofed e-mails to parties so as to better set up the hacker’s end game.

When the hacker sees that the transaction is nearing the closing so that the buyer might be amenable to wiring funds into escrow, the hacker acts.

The hacker sends the buyer an e-mail, which appears to come from the real estate broker or title/escrow agent (and which in fact may be from the hacked account).  The e-mail provides wire transfer instructions, along with detailed information about the transaction and the amount of money to wire into the “escrow account,” which make the request seem legitimate.

If the buyer wires the funds, they go into the hacker’s bank account, possibly in a foreign country, and the funds are nearly immediate withdrawn.  It may be one or more days before the buyer shows up for his/her closing, only to learn that the payment is not in escrow and in fact has been stolen.

How to Protect Yourself  from Wire Fraud in Your Real Estate Transaction

Given this very real and potentially expensive threat, every real estate investor should take the following steps to protect him/herself from these very convincing phishing schemes in real estate transactions:

When entering financial information into a website, be sure it is legitimate and that it is secure (it should start with https, rather than http).

If you receive wire transfer instructions via e-mail, call to verify the information.

Before calling to verify the wire transfer instructions, verify the phone number you are calling – do not use a phone number from the e-mail sending the wire transfer instructions.

Both real estate investors and professionals should take the following steps so that they do not become the “weakest link” in the security for the real estate transactions in which they participate:

Do not send financial or other confidential via unencrypted e-mail.

Keep your virus and malware software up-to-date.

Install all security patches to your computer’s operating system.

If you use your laptop or tablet on a public Wi-Fi be sure your firewall is turned on

Use complex passwords containing a combination of capital and lower-case letters and numbers, and do not use the same password for every account. Passwords consisting of the first letters of the words in a phrase you find easy to remember combined with a number may be a good option.

Do not open attachments to e-mails or click on links in e-mails unless you are expecting them.

Use an account that does not have administrator privileges for your everyday computer usage. That makes it less likely that malware will be able to make changes to your system.

Modern technology may provide tools which aid in the evaluation of old violins, but other modern technology also can be used by hackers to commit wire fraud in real estate transactions.  By using a combination of old-fashioned detective work and the thoughtful use of technology where appropriate and being aware of the existence of copies or fakes, both string instrument professionals and real estate investors alike can prevent themselves from being the victims of fraud.

[i]  Music Geek Fact:  The term “luthier” is used to describe someone who makes or repairs string instruments.  Originally, however, luthiers made only lutes. The term “luthier” derives from the French word for lute, which is luth.

© 2017 by Elizabeth A. Whitman


Disclaimer: The content of this blog is intended for informational purposes only. It is not intended to solicit business or to provide legal advice. Laws differ by state and jurisdiction. The information on this blog may not apply to every reader. You should not take any legal action based upon the information contained on this blog without first seeking professional counsel. Your use of the blog does not create an attorney-client relationship between you and Mirsky Law Group, LLC or any of its attorneys.