With smartphones providing 24/7 connectedness, and the aging of the US population, more and more innocent victims are falling prey to scammers. Whether it’s by phone, email, text message, social media, fax or mail, it can be a challenge to figure out what is a scam and what is real.
Phishing has been the most prevalent scam, where people open emails or visit websites that appear legitimate and are lured into providing personal and financial information. Lately, though, scammers posing as IRS or Microsoft employees have been particularly insidious – and successful. Since everyone knows to take the IRS seriously, and most people rely on Microsoft software for all or part of their computer needs, it isn’t difficult to understand how this happens.
The best plan of attack is to arm yourself with knowledge about how agencies like the IRS and companies like Microsoft contact their customers, and how to determine whether the caller is an employee of those organizations.
Internal Revenue Service
Across the country, taxpayers have been receiving calls from supposed IRS employees telling them they owe money, and that it must be paid promptly through a bank wire or prepaid card. These fraudsters sometimes threaten taxpayers with arrest, deportation or suspension of a business or driver’s license, and become hostile and insulting if you don’t pay them. You can find more information on these scams on the IRS website.
The only way the IRS initiates contact with taxpayers is by US mail – not by phone, email, text message, social media or fax. If you do receive a call from the IRS, record the employee’s name, badge number and call back number. Then call the IRS back directly at 1-800-366-4484 to determine if the person calling is actually an IRS employee, and if they have a legitimate reason for contacting you. Also, if you receive a letter in the mail from the IRS, you can verify that it’s legitimate on the IRS website.
The IRS recommends that if you suspect someone posing as an IRS employee has contacted you, report it promptly.
Similar to the IRS scam, thousands of people have received unsolicited calls from people claiming to be from Microsoft technical support, calling to help fix their computer, phone or tablet. The scammers have you visit what appears to be a legitimate website, then have you download malicious software onto your device. They may request credit card information for services, or direct you to a fraudulent website to enter the information. They identify themselves as employees of Windows Help Desk, Windows Service Center, Microsoft Tech Support, etc. You can get more information about these scams on the Microsoft website.
Here at Merriman, Tyler Bartlett recently received a call from one of these fraudsters posing as a Windows Help Desk employee. He immediately knew it was a scam because he uses a Mac at home, not a Windows computer. From Tyler’s experience, you can see the importance of being knowledgeable about the types of computers and devices you own and the software used on them on a regular basis.
Like the IRS, Microsoft does not initiate contact with customers. If you created a technical support case and you receive a call, you can verify the person is a Microsoft employee by matching up the Support ID given to you when you opened the case. If you didn’t initiate contact with Microsoft, get the person’s name, phone number and department, and then call Microsoft directly at 1-800-426-9400 to confirm that the caller is an employee with a legitimate reason for contacting you.
Keep in mind that Microsoft does not ask you to purchase software or services over the phone. If there’s any sort of fee or subscription for the service, or a payment request from someone claiming to be from Microsoft tech support, Microsoft recommends you hang up and report the incident to them and local authorities.
The IRS and Microsoft aren’t the only large organizations whose customers have been victimized. Customers of organizations like Bank of America, Chase Bank, PayPal and Apple have received phishing emails with catchy subject lines written to entice you to open them and provide personal and financial information. Be on the lookout for subject lines such as “We have temporarily disabled your account,” “Information about your account,” and “About your last transaction.” Rather than potentially giving away your information to a crook, it’s worth contacting the institutions directly to clear up any matters.
Even though it may take more time, it’s important to ask the right questions to verify the caller is an employee of the company, and that they have a good reason for calling you. Also, it’s important to be cautious when opening links or attachments in emails from unknown senders.