
[deleted]


> What if you get called by someone who is with the IRS?

FTFA, 3rd ¶: "If you are surprised to be hearing from us, you are not hearing from us," Koskinen said. "Our way of contacting you is by letter."


Except the article is wrong.

In 2010, I received a call from the IRS. Agent 0199475 wanted me to go to http://pay1040.com and pay my taxes.

Unsolicited call? Check. Asking me to use a 3rd party website? Check. Was curt with me when I asked how I could trust that he was with the IRS? Check.

In this case it was all legitimate. I looked up the IRS phone number on irs.gov, called back, and got a hold of the same guy.

I was a foreigner, which I think is why I was treated differently. Maybe domestic payers never receive phone calls, but I certainly did.


"pay1040.com" looks fake. They have a low-rent SSL certificate. Since they handle large amounts of money, they should have an EV cert. Their Trustwave seal leads to FIS, which is a big company that does back-end processing for banks and other financial services. Their Entrust seal just leads to Entrust's main page.

Yet they really are an IRS approved payment processor.[1]

[1] http://www.irs.gov/uac/Pay-Taxes-by-Credit-or-Debit-Card


Google and Facebook don't use EV certs either. EV certs are no more secure than any other SSL certificates, they're just a bigger rip-off.


I use the same strategy when I get an "authoritative" phone call:

1) What is your official website?
2) Where is your phone number listed on that website?
3) What is your name?

Then I go to the official website (irs.gov or whatever in this case), get the official number, and ask for the person by name.

If it's the same person, then congrats it's all legit.


In the UK those protective measures don't work because of a difference in the way the phone systems work.

In the US when either party hangs up the phone the line is cleared; the call ends.

In the UK that only happens when the dialing party hangs up. The call is still connected if the dialed party hangs up. This used to be many hours. I think there's a 5 min limit now.

So, the scammer calls you; gives you the phone number and extension and name, and website. You hang up. You go to the real official gov website and see that the phone numbers given match. You then pick up your phone -- and the scammers play a fake dial tone; and you enter the number and they play a fake ring tone; then they "answer" the call.

This scam has been used to fleece people of their entire life savings - tens of thousands in one go, sometimes even hundreds of thousands of pounds. The scammers normally pretend to be the police investigating a criminal who works for your bank. They need you to transfer a bit of money into an account so they can trace it; then it builds up to a bit more.

https://news.ycombinator.com/item?id=6124056

There's an interview with someone who handed over £15,000 to the Microsoft fraudsters. https://news.ycombinator.com/item?id=7868166

And these people do not get their money back! In England if you make a bank transfer to a fraudster it's your fault and you lost that money.

I don't think it's about being smart or not. Most people are generally trusting and compliant and scammers exploit that with a refined process that they've iterated on over hundreds of other victims.


I just confirmed this works on my BT landline, albeit with a 60 second timeout. I can't believe I never knew this was a thing.


Yup; got a call from NCIS once (not the show, the real thing). The agent was more than happy to tell me what office she worked for and her name. I then looked up the number on navy.gov independently and got transferred back to her.

Fun fact: it was over a guy who was stealing equipment from the Navy and selling it online. Turns out they didn't want the equipment back (since it couldn't be re-deployed for security reasons). They just wanted me to testify against him. I believe he ended up pleading out once confronted so I never ended up testifying.


Yeah that works until... http://www.spoofcard.com/


The key part is that you're calling them back.

If someone fakes their caller ID and you call the number they claimed to have, you're not going to reach the faker, you'll reach the legitimate owner of the number.



Yea this is also important when someone allegedly calls from your bank.


I have trouble with this story. I'm also a foreigner, and around approximately the same time (+/- 1 year) I made a mistake on my return and ended up owing some small amount like $150 or $200. They sent letters. I called them on the phone, and I mailed the check to an IRS office. They've also sent letters other times when I didn't owe money but should have filed with a different version of the form, and another time when I overpaid.

On general principle, I never deal with anything financial or legal over the phone. I listen if it seems legit, and then say 'Can you put it in writing? I like to have these things on paper.' I hope the call you received was an experiment which has since been abandoned by them.


Maybe they changed their minds about this in the five years since then, after seeing the potential for abuse. No idea if it's true, just speculation.


Good point!

As I think about it, the IRS agent mentioned that there was in fact a first contact by mail in my case. I had moved and didn't receive the letter.


An IRS agent would never say "Pay us now by wire transfer or we're going to arrest you."


Who is saying they would?


The scammers the article is about.


Sure...but how does that relate to this subthread of comments?



