• Blog
  • Latest News
  • Stimulus Check Phishing Scams: TurboTax Tips to Prevent Identity Theft
phishing
phishing

Stimulus Check Phishing Scams: TurboTax Tips to Prevent Identity Theft

Read the Article

This content is for the first coronavirus relief package, which was signed into law in March 2020. For info on the third coronavirus relief package, please visit our “American Rescue Plan: What Does it Mean for You and a Third Stimulus Check” blog post.

With each refund season often comes phishing season. This year, with 80% of Americans expected to receive stimulus checks as part of the Coronavirus Aid, Relief and Economic Security Act (CARES) Act — a $2 trillion stimulus package that provides financial relief to individuals, families, and businesses — there will likely be even more phishing scams to be aware of. 

You may be thinking about the type of fishing you did on those warm sunny days when you were a kid, but we’re talking about scammers sending you a very real-looking – but very fake – phishing email or an official-sounding phone call, with the intent to lure you into giving them your personal and financial information.

Phishing refers to fake email messages that pretend to be from a legitimate company. The messages are designed to trick the recipient into giving personal information to fraudsters or downloading a malicious attachment. We typically see a spike in these types of phishing emails during the tax season and consumers should be especially vigilant in the wake of continuous updates related to COVID-19.

The IRS recently issued a warning about Coronavirus-related scams tied to stimulus checks. Here is what you need to know.

The IRS will not call you or email you to request or verify your personal and financial information for your stimulus check, or suggest that you can get your refund faster by providing personal information or paying a fee over the phone. 

For retirees and recipients of Social Security retirement or disability income, no one from the IRS will be reaching out by phone, email, mail, or in-person asking for information in order to issue a stimulus check. The IRS is issuing stimulus checks to recipients of Social Security income directly based on their Form SSA-1099 or RRB-1099 and no further action is needed to receive it.

 In addition to phone calls and emails, scammers may also try to target you through text messages, websites and social media.

Stimulus payment-related scams may include the below:

  • Ask you to sign over your stimulus payment to them.
  • Tell you some or all of your information is missing and ask you to share it in order to receive or speed up your payment.
  • Suggest that by working with them you will receive your check faster. Do not pay anyone a fee to help get your stimulus check, there are no shortcuts to getting your payment.
  • Mail you a bogus check and say you must call a number or verify your information online in order to cash it.

Also, correspondence from the IRS will always include the official language of the stimulus, “economic impact payment.”

The FCC is cautioning small businesses, as well, as some have reported getting scam calls about virus-related funding or loans and online listing verification. Again, the IRS won’t ask for information or payments over the phone.

Rest assured, we are vigilant about keeping our customers informed and empowered to protect themselves.

At Intuit TurboTax, we place the highest importance on protecting our customers’ data and privacy. We are doing our best to stop phishers and protect our customers. TurboTax will post any known alerts at security.intuit.com to help people separate the fact from what is fake. The site includes advice on how to protect your identity and your computer from criminals. To get a better idea of what a phishing email might look like, you can find examples at security.intuit.com.

Phishing emails can be difficult to detect to the untrained eye. The sender will copy logos, headers and other content used in legitimate company emails, but they often leave telltale clues that can tip you off to their true motives. 

Remember legitimate companies would not ask you to provide personal or sensitive information through email. The IRS also will never communicate or request personal information via unsolicited email. It is important that you do not click on the links, open the attachments or provide any personally identifiable information in response to these emails.

If you do receive a suspicious email, DO NOT take any action other than forwarding the email to security@intuit.com. You can protect yourself, and others from being lured. Information is power. The more we work together to identify and alert other customers about phishing scams, the safer everyone will be.

Leave a Reply