Guard against small business tax fraud
Country Folks
December 17, 2025

Guard against small business tax fraud

“More than 70% of cyber attacks are aimed at businesses with less than 100 employees.

 

“They’re not going for the big guys because the big guys can afford the big cybersecurity firms,” said IRS employee Sheba Gonzalez.

 

At an event hosted by USDA, Gonzalez and her colleagues, all IRS specialists in tax security and taxpayer education, provided advice for how small businesses – including farms – can avoid falling victim to cyber attacks and tax fraud.

 

Beware of Phishing Scams

Fake emails and text messages designed to trick users into providing valuable personal and financial information – phishing scams – are the most common type of tax-related fraud.

 

Beware of emails that request sensitive personal information such as banking details, passwords, dates of birth or Social Security numbers.

 

Check the website or email address by hovering over it. If the email claims to be from the IRS, but doesn’t say irs.gov, then it’s likely a phishing scheme.

 

Additionally, Anitra Weaver said, “if there is an email claiming to be from the IRS, first of all, we don’t normally communicate with our taxpayers via email.”

 

Phishing scams are often poorly written and contain suspicious attachments that should not be opened. Identify theft can occur when people click on these random attachments allowing scammers to obtain personal information.

 

These attachments can also download viruses and malware to the device.

 

Phishing scams are designed to induce a sense of urgency or panic in an attempt to pressure the reader into an immediate action. If the message is trying to pressure the reader to make a payment or change a password, it’s likely a scam.

 

“If you’re still unsure whether an email is legitimate, it’s better to be safe than sorry. Google the organization’s information and contact them directly.

 

But don’t use the contact information provided in the suspicious email,” said Weaver.

 

Tax-related phishing scams can be reported to phishing@irs.gov.

 

Recognize Tax-Related Identity Theft

The ultimate goal of a tax scammer is to trick people into providing sensitive personal financial information. Once the scammer has this information, they can use it to steal an identity and file false tax returns, called tax-related identity theft.

 

There are a number of warning signs that this may have occurred. First, a taxpayer may try to file their tax return, and the return is rejected because the Social Security number has already been used. Another warning sign is receiving a notice from the IRS inquiring about suspicious returns. Receiving a notice of a tax balance, that a refund has been offset or that collection action has been taken even though a return hasn’t been filed should also raise suspicion.

 

So should receiving a W-2 or 1099 from an employer that the taxpayer did not work for.

 

“We tend to see this when the scammers steal the victim’s identity, and they use their Social Security number to obtain jobs or to receive unemployment benefits without them even knowing,” said Weaver.

 

Educate Employees

Employees who have access to business accounts need to be trained in cybersecurity. “You’re not the only person that can allow these frauds into your system. Unfortunately, everybody that accesses email anywhere on your company computers can click on something and allow somebody else in,” said Gonzalez.

 

She suggested having regularly scheduled training sessions to discuss cybersecurity policies. She also explained that employees should have their own access and passwords to any applications the business uses.

 

This allows the owner to set security permissions and ensures that accounts can be quickly disabled when an employee leaves.

 

Set Up an Identity Protection PIN

A simple way to prevent tax fraud is to set up an identity protection (IP) PIN, a six-digit number that adds a layer of security to prevent fraudulent tax filings. The IP PIN, set by the IRS, helps to prevent criminals from filing fraudulent federal income returns or stealing refunds using an individual’s personal information. IP PINs are unique and only known to the IRS, the taxpayer and a trusted tax practitioner.

 

IP PINs are only valid for one calendar year; the IRS generates a new, unique PIN for each taxpayer in the program every year. The taxpayer must use the PIN any time they file a federal tax return, even if it is a prior year. The easiest way to obtain an IP PIN is online through the IRS. It’s also possible to enroll via mail, but the process can take up to 180 days. An IP PIN can also be obtained at a taxpayer assistance center.

 

A Few More Tips

Always use multifactor authentication, an additional security layer that requires the user to verify their identity when logging into online accounts.

 

For maximum security, the verification should go to a separate device from the one being used to log on.

 

Be careful about sharing personal information on social media. One presenter noted that scammers phish for security question answers through seemingly harmless polls. For example, they will query people to enter the make and model of their first car, a common security question used to authenticate a user.

 

Back up data to an external source not connected to your network, such as a thumb drive. Some attackers will deploy ransomware that can compromise all business information, including client data and everything stored on connected systems. Ransomware attackers can threaten to destroy files unless paid money. The reality, according to Gonzalez, is that even if the ransom is paid, the files will not be returned.

 

Above all else, err on the side of caution when something seems suspicious, whether it’s an email, text, phone call or any other communication claiming to be from the IRS, other government agency or institution.

 

“All of your data is like your money. Make sure you’re protecting it that way,” said Gonzalez.

 

by Sonja Heyck-Merlin

E-EDITION
ePaper
google_play
app_store
view current print ads
Latest News
How to keep a bathroom from making you sick
Lifestyle
How to keep a bathroom from making you sick
Andy Haman 
January 21, 2026
Homes are often characterized as sanctuaries for their inhabitants. When a home is warm and welcoming, it can be the perfect place to relax and get aw...
The TurfMutt Foundation unleashes 2026 backyarding trends
Gardening Farming, Lifestyle
The TurfMutt Foundation unleashes 2026 backyarding trends
Courtney Llewellyn 
January 21, 2026
The TurfMutt Foundation, which advocates for the care and use of backyards, public parks, school yards and other green spaces, predicts 2026 will be a...
Why hire a tax professional?
Events, Lifestyle
Why hire a tax professional?
January 20, 2026
Tax season, which begins in January and ends in April with the tax-filing deadline (tax day falls on April 15), can be a stressful time for people in ...
Egg recipe contest second runner-up recipe
Lifestyle
Egg recipe contest second runner-up recipe
Courtney Llewellyn 
January 16, 2026
The Virginia Egg Council used the American Egg Board’s 2025 campaign, “Meant to be Broken,” in last year’s search for the best egg recipes that would ...