The Southbourne Tax Group: Beware the Latest Tax-Season Spear-Phishing Scam


You may have heard of the CEO scam: that’s where spear-phishers impersonate a CEO to hit up a company for sensitive information.

That’s what happened to Snapchat, when an email came in to its payroll department, masked as an email from CEO Evan Spiegel and asking for employee payroll information.

Snapchat’s payroll department fell for it. Ouch.

Here’s a turn of that same type of screw: the Internal Revenue Service (IRS) last week sent out an urgent warning about a new tax season scam that wraps the CEO fraud in with a W-2 scam, then adds a dollop of wire fraud on top.

A W-2 is a US federal tax form, issued by employers, that has a wealth of personal financial information, including taxpayer ID and how much an employee was paid in a year.

This new and nasty dual-phishing scam has moved beyond the corporate world to target nonprofits such as school districts, healthcare organizations, chain restaurants, temporary staffing agencies and tribal organizations.

As with earlier CEO spoofing scams, the crooks are doctoring emails to make the messages look like they’re coming from an organization’s executive. Sending the phishing messages to employees in payroll or human resources departments, the criminals request a list of all employees and their W-2 forms.

The scam, sometimes referred to as business email compromise (BEC) or business email spoofing (BES), first appeared last year. This year, it’s not only being sent to a broader set of intended victims; it’s also being sent out earlier in the tax season than last year.

In a new twist, this year’s spam scamwich also features a followup email from that “executive”, sent to payroll or the comptroller, asking for a wire transfer to a certain account.

The wire transfer scam isn’t tax-related: it’s just hitching a ride on the tax-related W-2 scam. Some companies have been swindled twice: they’ve lost both employees’ W-2s and thousands of dollars sent out via the wire transfers.

The IRS is telling organizations that receive the W-2 scam emails to forward them to Phishing IRS, with the subject line of “W2 Scam”.

If your business has already fallen for the scam, it can file a complaint with the Internet Crime Complaint Center (IC3), operated by the FBI. Employees whose W-2 forms have been stolen should review the recommended actions by the Federal Trade Commission or the IRS identity theft.

The IRS says that employees should also file a Form 14039 Identity Theft Affidavit (PDF) if their own tax returns get rejected because of a duplicate Social Security number or if instructed to do so by the IRS.

How to sidestep the scam

But before you even get to the sad state of having to file a report about getting ripped off, it’s better to avoid falling for the bait in the first place.

Unfortunately, that’s getting tougher as crooks get more and more cunning. Case in point: the carefully crafted, well-disguised attack that led to the hacking of Clinton campaign chair John Podesta’s Gmail account. The attack relied on a shortened Bitly link to mask nefarious HTML code.

Screenshots of the Bitly link used against Podesta show that even the longer links hiding behind rigged Bitly links can be made to look, to an untrained eye, like they’re legitimate.

One step that can protect against phishing attacks is to pick proper passwords. Even though strong passwords don’t help if you’re phished (the crooks get the strong password anyway), they make it much harder for crooks to guess their way in.

Use two-factor authentication whenever you can. That way, even if the crooks phish your password once, they can’t keep logging back into your email account.

Also, consider using Sophos Home. The free security software for Mac and Windows blocks malware and keeps you away from risky web links and phishing sites.


The Southbourne Tax Group: BBB Offers Tips on Filing Taxes, Avoiding Fraud

While all working citizens should have had their W-2 form delivered by now, it’s important for taxpayers to take time and use caution when selecting a tax preparer you can trust.

It’s important to avoid mistakes that could result in additional fees or even tax identity theft.

Unfortunately, identity theft is not the only thing to watch out for when enlisting the help of a tax preparer or tax software to file your taxes. BBB receives thousands of complaints from consumers against tax preparers every year.

In 2016, BBB received nearly 3,000 complaints against tax preparation businesses nationwide.

Common complaints state that the tax preparer made errors in their return which resulted in fines and fees. Other complaints allege customer service, billing and contract issues.

BBB offers the following advice when searching for a tax preparer:

* Look for credentials. Ideally, your tax preparer should either be a certified public accountant, a tax attorney or an enrolled agent. All three can represent you before the IRS in all matters, including an audit.

* Don’t fall for the promise of a big refund. Be wary of any tax preparation service promising larger refunds than the competition. Avoid any tax preparer who bases their fee on a percentage of the refund.

* Think about accessibility. Many tax preparation services only set up shop for the months leading up to the April 15 deadline. In case the IRS finds errors, or in case of an audit, make sure you are able to contact you tax preparer at any time of the year.

* Read the contract carefully. Read tax preparation service contracts closely to ensure you understand issues such as how much it is going to cost for the service, how the cost will be affected if preparation is more complicated and time consuming than expected and whether the tax preparer will represent you in the case of an audit.

* Ask around. Ask family, friends or co-workers for recommendations on filing your taxes, whether it’s through a CPA, tax preparation business or online tax service that allows you to file your own taxes. To find a BBB Accredited tax preparation business near you, go to bbb.org.

Tax season is also a busy time for identity thieves. Tax identity theft occurs when someone uses your Social Security number to get a tax refund, or a job.

According to the Federal Trade Commission (FTC), tax identity thieves get your personal information in a number of ways, including: going through your trash or mailbox; through emails asking for information, which appear to come from the IRS; employees at hospitals, nursing homes, banks and other businesses stealing data; and phony or dishonest tax preparers misusing confidential information or passing it along to identity thieves.

To lessen the chances of becoming a victim of tax identity theft, the FTC has the following advice, whether you choose to file your return yourself or use a tax preparer:

* File your tax return early. And do it before identity thieves have a chance to steal your information. Also, make sure your address is up-to-date so your W-2 doesn’t get lost in the mail or end up in the wrong hands.

* Use a secure Internet connection. If you file your return electronically, don’t use unsecure, publicly available Wi-Fi hotspots.

* Shred documents. This includes copies of your tax return, drafts or calculation sheets you no longer need. The IRS recommends that most people keep three years’ worth of tax returns in case of an audit. Keep hard copies and electronic files in a secure location.

* Check your credit report. To ensure your identity hasn’t been stolen or compromised, go to annualcreditreport.com to get your free credit report.


The Southbourne Tax Group: Accounting For Half-Truths


A report by a brokerage on Satyam Computers gives an 'accumulate' rating, which means it expects the stock to go up. The rating is based on the company's high cash/market cap ratio. The information technology company had reported a cash balance of Rs 4,500 crore at the end of the 2007-08 financial year. The report gives a one-year price target of Rs 373 for the stock. The stock closes at Rs 273 the day the report is written.

January 2009: The same brokerage releases a hurriedly-compiled report suspending the previous rating. "Low market cap, high cash status no longer holds," it says. On 7 January 2009, the founder of Satyam Computers admits to inflating cash and bank balances by Rs 5,040 crore, overstating debtors' position (money lent) of Rs 2,650 crore as against the actual figure of Rs 490 crore and non-disclosure or understatement of liabilities worth Rs 1,230 crore.

The Satyam accounting scam, one of the biggest in India, left millions of investors in the lurch, as the stock fell from Rs 179 to Rs 23 in one trading session.

The inability of stock analysts to identify the 'gaps' in Satyam's books and ring warning bells proved costly for investors. Had investors known the basics of reading financial statements and techniques used by companies to report false numbers, they would have asked their advisors a few valid questions about Satyam's finances.

Some would argue how lay investors could see red flags when experts failed to do so. It's a valid argument, though we believe that with a little bit of learning you can see what professionals cannot.

We discuss a few common forms of accounting frauds companies indulge in and signs that may alert you to wrongdoing -

FINANCIAL REPORTS

A company's financial health can be gauged through three statements - balance sheet, profit and loss account and cash flow accounts.

A balance sheet records a company's assets (land, machinery, inventory, cash balance, investments, loans given), liabilities (loans taken, income tax payable, tax liabilities) and owner's equity. It is generally prepared annually.

A profit and loss statement (or income statement) records a company's earnings and expenses. Any company whose shares are traded on exchanges is required to release its income statement every quarter.

A cash flow statement tells us where cash is coming from (inflow) and how it is being used (outflow). There are three types of cash flow-operating cash flow (sale of goods, revenue from services, interest/dividend received, payment for purchases, payment for operating expenses), investing cash flow (sale and purchase of assets, sale and purchase of debt/equity, loans advanced to others) and financial cash flow (issue of equity shares, borrowing, repayment of debt).

Notes to accounts are important as they detail the accounting policies followed, pension and other post-employment benefits and potential liabilities/losses.

MANIPULATION OF STATEMENTS

There are many items in financial statements for which companies use different policies. These are inventory valuation, investments and fixed assets, conversion of foreign currency and asset depreciation.

Companies often manipulate these to inflate revenue, assets, cash inflow and understate expense, liabilities and cash outflow in financial statements.

INFLATING EARNINGS

1) Lending to customers: Sometimes companies lend money to customers to buy their goods. This way they can report high revenue in the income statement and high receivables (treated as an asset) in the balance sheet.

2) Trade stuffing: Companies use this usually just before the end of a reporting period. They ship goods to customers even though the latter may not need them immediately. This increases sales ahead of the reporting period.

3) Understating provisions: Companies often allow credit sales on generous terms, sometimes even to customers with a poor credit history. Ideally, in such sales, the company should set aside a higher amount for bad debt provisioning. This amount is recorded as a liability. Understating such liabilities is another way of 'enhancing' the financial statement.

4) Round-tripping: This means getting into fictitious transactions with related parties to inflate revenue. In round-tripping, a company sells unused assets to a party with the promise of buying back at a later date at the same price.

UNDERSTATING EXPENSES

1) Spreading out expenses:According to accounting norms, if an expense has been made for acquiring an asset whose benefits the company will avail of over a long term, the expense is to be reported in the books in a spread-out manner over that period. The process is called capitalising. Companies often use this to delay recognition of short-term expenses.

2) Cookie jar accounting: Companies put aside money for possible loan defaults. Some companies, during periods of high revenue growth, increase the amount and release the same during periods of poor revenue, offsetting the impact of low sales growth. Among other common forms of financial statement manipulation are revaluation of assets, showing unrealised gains as profits and assigning higher values to fixed assets.

3) Off-balance sheet items: Some assets/liabilities or financing activities are not fully recognised in the balance sheet due to the complexity of transactions involved. These include pension assets and liabilities, assets and liabilities of joint ventures and unconsolidated subsidiaries and lease arrangements. These are recorded in footnotes of financial statements.

Many companies resort to off-balance sheet financing by way of entering into joint ventures, research and development partnerships and lease contracts. Floating special purpose entities or subsidiaries to expand business is another off-balance sheet arrangement.

As the liabilities/risk involved in such transactions are not reflected in the balance sheet, one may draw wrong conclusions about a company's financial health. It is, therefore, necessary to check the footnotes of financial statements.

RED FLAGS

Some manipulations we mentioned earlier are difficult to detect even for finance professionals. Here are some indicators of rot in a company's financial books.

Continuous high level of cash, cash equivalents and current assets: Satyam Computers showed high cash balance over the years. Later it turned out it had inflated cash and bank balances by as much as Rs 5,040 crore.

Reported earnings consistently higher than cash flow: If cash flow from operating activities of a company is consistently less than the reported net income, it is a warning sign. The investor must ask why operating earnings are not turning into cash.

Sudden increase in inventory/sales ratio: This indicates the company may be inflating assets such as inventories.

Spurt in other income: Revenue sources recorded under other income are non-recurring and may include earnings from asset sales and closure of debt or debt restructuring. However, sources of earnings are seldom disclosed under this head. A sudden spurt should raise eyebrows.

Frequent changes in policies: Earnings and assets can be inflated by alternative accounting policies. If one sees frequent changes in these policies, there may be something fishy about the company's books.

Financial ratios not in line with industry peers: This could be due to inflated earnings, asset valuation or understating of expenses and liabilities.

Too many off-balance sheet transactions: If a company has been expanding by creating special purpose entities and has entered into many lease contracts, it is possible a lot of liabilities are not reflected in its balance sheet.

We have seen in the past that many respected and renowned companies have been charged with manipulation of account books. Therefore, investors must stop treating financial statements issued by companies as gospel truth and scan them carefully to detect possible foul plays.