Protecting Your Business from Tax-Related Identity Theft in 2026
- Howard P. Vollenweider, Jr.

- 2 days ago
- 3 min read
The IRS continues to warn businesses about increasing tax-related identity theft, phishing attempts, and financial scams. While fraudulent tax returns and stolen Social Security numbers have long been concerns, today's threats have expanded far beyond individual taxpayers.
Artificial intelligence, sophisticated phishing emails, fake government notices, and business impersonation schemes are making it easier for criminals to target businesses and harder for owners to recognize fraudulent activity.
According to Howard P. Vollenweider, Jr., Partner at Griffin & Furman, one of the biggest changes over the past several years is that businesses have become just as attractive to criminals as individuals.
"Many business owners still think identity theft is only a personal issue. In reality, businesses are increasingly being targeted through fraudulent tax filings, fake business entities, loan applications, and phishing schemes designed to steal sensitive financial information."
Remember: the IRS does not initiate contact by email, text message, or social media to request personal or financial information. "If an email claims to be from the IRS requesting personal information, payment, or directing you to click a link, it's a red flag. Businesses should always verify those communications before responding." (Howard P. Vollenweider, Jr.) |
The Financial Impact Extends Beyond Taxes
Tax-related identity theft doesn't always end with a fraudulent tax return or refund.
Businesses may experience damaged credit, fraudulent loans opened in the company's name, unauthorized accounts, or years of correcting financial records after an incident occurs.
These consequences often create operational disruptions long after the original fraud has been discovered and resolved.
Internal Controls Remain One of the Best Defenses
While cybersecurity tools play an important role, many successful fraud cases begin with weaknesses in everyday financial oversight rather than sophisticated technology.
"One of the most common issues is that business owners become too removed from their day-to-day financial activity. The less visibility an owner has, the easier it becomes for fraud to go unnoticed." (Howard P. Vollenweider, Jr.)
Howard recalls working with business that gave trusted employees excessive financial authority without sufficient oversight.
In one instance, an office manager had access to the owner's signature stamp and used it to issue unauthorized checks.
In another, an office manager filed paperwork with the Secretary of State listing herself as a company officer before opening a separate bank account for personal use.
Neither situation involved a cybersecurity breach. Instead, both resulted from weak internal controls and limited owner involvement.
Businesses Shouldn't Overlook Backup Security
Backup systems can also become a significant vulnerability.
Many organizations assume that having backups automatically protects their information. However, backup systems themselves can become targets if they are not properly secured.
"We've seen situations where hackers gained access to backup files because businesses assumed those systems were protected. Regularly reviewing how backups are secured is just as important as having them." (Howard P. Vollenweider, Jr.)
Practical Steps Businesses Can Take
Reducing the risk of tax-related identity theft requires a combination of strong cybersecurity practices and sound financial controls. Businesses should regularly review the following:
Use strong, unique passwords and update them regularly.
Enable multi-factor authentication (MFA) on financial and tax-related accounts.
Verify payment requests and banking changes by phone before processing them.
Limit employee access to payroll, tax, and financial information.
Review Secretary of State filings periodically to confirm no unauthorized changes have been made.
Monitor financial accounts and tax activity throughout the year.
Maintain active oversight of your business’s finances and internal controls.
If you have questions about strengthening your internal controls or reducing your risk of tax-related identity theft, our team is here to help. Contact Griffin & Furman to learn how we can help protect your business.




Comments