Protect Yourself from Online Tax and Financial Scams

The holiday season is a busy time—and unfortunately, it’s also prime time for scammers. The Indiana Department of Revenue (DOR) has recently issued warnings about fraudulent text messages and other scams targeting taxpayers. And we've also seen a rise in the number of scams targeting business owners who use online accounting software, such as QuickBooks. Here’s what you need to know to keep your personal and financial information safe.

Beware of a Text Message Scam involving the Indiana Department of Revenue (IN DOR)

A renewed text message scam is circulating, asking for confirmation of bank account information for tax refund deposits. IN DOR will never send a text message asking for payment or banking details.

If you receive a text claiming to be from IN DOR:

• Do not click any links or respond to suspicious texts.

• Do not share personal or financial information (bank account details, driver’s license number, Social Security number, credit card info).

• Do not reply to the message.

• Contact IN DOR directly at 317-232-2240 (Monday–Friday, 8 a.m.–4:30 p.m. ET).

If you think you’ve been a victim:

• Change passwords for any compromised accounts immediately.

• Contact your bank or financial institution to report the incident and consider freezing or monitoring accounts.

• Place a fraud alert or credit freeze with all three credit bureaus.

• Monitor account activity closely.

• Report confirmed identity theft cases to the Federal Trade Commission.

• For additional resources, visit the IN DOR Identity Confirmation webpage.

Tips to Stay Safe

• Be cautious with emails and texts. The IRS and IN DOR will never email, text, or call demanding payment or personal details.

• Use strong passwords and enable multi-factor authentication on financial accounts.

• Monitor your credit reports and consider placing a fraud alert if you suspect identity theft.

• Never share sensitive information through email or text—even if the message looks legitimate.

• Report suspicious activity promptly to the appropriate authorities.

  
  

Beware of Scams involving QuickBooks

There have also been several recent reports of QuickBooks-related scams, and they’re becoming more sophisticated. Here’s a few things we've heard about:

Fake QuickBooks Support Calls:

Fraudsters pose as QuickBooks support agents, claiming your account has issues or your software is expiring. They pressure victims to pay for fake renewals or provide banking details. Some even request remote access to your computer. These scams have cost businesses thousands of dollars.

Red flags:

• Calls from unofficial numbers

• Requests for bank details or urgent payments

• False claims that switching to QuickBooks Online will cause data loss

Invoice & Payment Fraud:

Attackers send fake invoices or renewal notices that look legitimate, often using QuickBooks branding. Clicking links can lead to phishing sites or malware downloads. Some scams involve impersonating vendors and changing payment instructions to redirect funds.

Exploiting Legitimate QuickBooks Domains:

There’s been a significant spike in phishing attacks leveraging QuickBooks’ legitimate domain (@intuit.com). Cybercriminals create free QuickBooks accounts and send phishing emails from official-looking addresses, making these scams harder to detect.

Tips to Stay Safe

• Verify all communications: Official Intuit emails come from @intuit.com. Never trust links from ads or unknown sources.

• Enable Multi-Factor Authentication (MFA) on your QuickBooks account.

• Avoid remote access requests unless initiated by you through official channels.

• Report suspicious activity to Intuit via their Online Security Center.

• Educate your business team about phishing red flags and invoice fraud.

Final Thoughts

Scammers are getting more sophisticated, but you can protect yourself by staying alert and following these best practices. If you have any questions about this topic or a potential scam that you have encountered, please contact us.