Posts Tagged: ‘income tax identity theft’

Scam of the day – October 29, 2016 – IRS impersonation scam busted

October 29, 2016 Posted by Steven Weisman, Esq.

Following an exhaustive three year joint investigation by numerous federal agencies  led by the Justice Department, indictments were announced Thursday of 56 people and 5 illegal call centers accused of posing as IRS agents, calling unsuspecting victims in the United States and threatening them if they did not pay phony tax bills. Although the people indicted, including 20 who have already been arrested, were in both the United States and India, the call centers were all located in Ahmedabad India.  The alleged scammers obtained the names of their potential victims from various legitimate data brokers.  These indictments were not related to the police raid earlier this month in India which resulted in the arrest of 70 people charged similarly.

According to the Justice Department,the scammers used a network of co-conspirators in the United States to launder the funds obtained from the victims, most commonly through prepaid debit cards or wire transfers.  The prepaid debit cards were laundered using information stolen from thousands of identity theft victims.  The biggest amount paid by a victim of this scam was paid by a Californian who paid $136,000 to the scammers.


This scam is easy to avoid.  Don’t trust your Caller ID because by using a technique called spoofing, a scammer can make his or her call appear to be from the IRS on your Caller ID.  Trust me, you can’t trust anyone.  The easiest way to recognize if a call from the IRS demanding money is a scam is to be aware of the fact that the IRS will never initiate contact with a taxpayer to collect overdue taxes by a phone call, email or text message.  Any such communication is from a scammer so you should just ignore it.   Additionally, unlike the IRS, the scammers often demand that payments be made immediately by prepaid debit cards, wired funds or even iTunes gift cards, which is something that the IRS will never do.

Scam of the day – October 21, 2016 – Report issued critical of IRS efforts to fight identity theft

October 21, 2016 Posted by Steven Weisman, Esq.

Yesterday, the Treasury Inspector General for Tax Administration (TIGTA) issued a report regarding its investigation into the IRS’ electronic authentication controls.  The investigation was prompted by identity thieves using the IRS’ Get Transcript program to obtain the former income tax returns filed by an estimated 724,000 taxpayers and use the information contained in those income tax returns to file phony income tax returns using the names of the victimized taxpayers and obtain fraudulent refunds.   The IRS did not become aware of the vulnerability of the Get Transcript program until May of 2015 and shut down the program until it was reintroduced with what the IRS said was increased security in June of 2016.   The idea behind the IRS’ Get Transcript program was a good one, namely permitting taxpayers to get access to copies of their tax returns from previous years conveniently and electronically.  An essential element of such a program is a strong authentication process to keep identity thieves from accessing this sensitive material and unfortunately, the authentication protocol used by the IRS was quite inadequate and did not meet industry standards resulting in the data breaches affected 724,000 taxpayers.  In one instance the TIGTA report indicated that the IRS missed an attempt by a hacker to attempt to gain access to a victim’s tax return 902 times in a single 24 hour period.

The TIGTA report made seven specific recommendations for increased IRS security in regard to the electronic authentication process to gain access to taxpayers’ records and the IRS has agreed with all seven, however, a number of the recommendations have still not been implemented by the IRS and the system is still not as secure as it should be.


The best way to avoid income tax identity theft is to file your income tax return as soon as possible because even an identity thief in possession of your Social Security number and other personal information that would enable him or her to file a phony income tax return in your name would not be able to get a payment from the IRS if you had already filed your return.

Scam of the day – September 20, 2016 – Income tax identity thief sentenced

September 19, 2016 Posted by Steven Weisman, Esq.

Jesse Scott Wilson  of Alaska was recently sentenced to 92 months in prison for his role in an income tax identity theft ring that electronically filed at least 428 phony income tax returns using stolen Social Security numbers resulting in refunds of $681,258 being paid to Wilson and his three cohorts.  Wilson will not have to go far in order to start his prison sentence because both he and his fellow conspirators were already incarcerated in an Alaska prison throughout the time that they managed to pull of their crime.  This just serves as an example of how incredibly easy it has become for someone to commit income tax identity theft which costs the American taxpayers billions of dollars each year.

In 2015 the IRS instituted a new cooperative effort between the IRS, state tax administrators and private tax preparation leaders.  Included among the steps being taken are review by the IRS of the IP address of computers filing income tax returns to identify computers filing multiple returns and reviewing the time it takes to complete an electronic income tax return which can also help identify fraudulent returns since completing a fraudulent return generally takes less time than a legitimate return.  In addition, income tax preparation software companies will be using enhanced validation protocols including increased use of security questions.

However, all of these steps which are expected to cost taxpayers an additional 281 million dollars to implement totally miss the point.  The easiest and simplest way to dramatically reduce income tax identity theft still is not being done by Congress, namely changing the laws regarding employers filing of W-2s.  Under present law, for the upcoming tax filing season, employers must file W-2s with the federal government by February 29th if they file paper W-2s and as late as March 31st if they file, as so many do, electronically.  Unfortunately Congress in its infinite wisdom requires these W-2s to be filed with the Social Security Administration (SSA) by those dates.  The SSA does not send the W-2s to the IRS until July so the IRS does not get around to matching the W-2s filed by employers with those filed by individual taxpayers with their income tax returns until months after the IRS has already sent a refund based on the W-2 filed by the taxpayer or identity thief.  In order to dramatically reduce income tax identity theft, all Congress has to do is merely require employers to file W-2s with the IRS instead of waiting for the SSA to send them to the IRS.  It also would make much more sense than Congress appears to have to require the IRS to match those employer filed W-2s with those filed by individual taxpayers BEFORE sending out a refund in order to easily identify counterfeit W-2s.  For years Congress has been advised to make these simple changes, but it still fails to do so.


Try as it may, the IRS is having a difficult time stopping income tax identity theft by which an identity thief steals your personal information and files a phony income tax return using your name and gets a refund.  Along with protecting your personal information, particularly your Social Security number as much as you can, the best thing you can do to avoid becoming a victim of income tax identity theft is to file your income tax return early.  Income tax identity theft can only work when the criminal is able to file an income tax return using your name and Social Security number before you file your own legitimate income tax return so consider filing as early as possible.

Scam of the day – July 4, 2016 – Steve Weisman’s latest column from USA Today

July 4, 2016 Posted by Steven Weisman, Esq.

Sometimes the job of protecting ourselves from identity theft can seem to be overwhelming, which is why I wrote this column for USA Today that provides you with some simple and easy to take steps to reduce your chances of becoming a victim of identity theft.  Here is a link to that column.

Scam of the day – April 15, 2016 – Tax scams multiply as filing deadline approaches

April 15, 2016 Posted by Steven Weisman, Esq.

Today, April 15th is the usual deadline for filing your federal income tax return, however, as many people know, if the 15th falls on a weekend, the filing deadline is pushed back to the next Monday.  If April 15th is a holiday, the filing date is also pushed back.  This year, April 16th is Emancipation Day, which is a legal holiday in Washington D.C. and because it falls on a Saturday, federal employees have the preceding Friday, April 15th, off from work which pushes the filing deadline to the next business day, which is Monday, April 18th.  If that isn’t complicated enough, if you live in Massachusetts or Maine, you have until April 19th to file your tax returns because April 18th is Patriot’s Day, a state holiday in those two states.

In any event, scammers and identity thieves don’t take off holidays and the IRS is warning people again about an increase in income tax scams that are occurring in the final days before the income tax filing deadline.  There are a number of various scams tied to income tax filings, but they generally fall into four categories.  The first is when you get a telephone call purporting to be from the IRS informing you that if you don’t send them money right away, you will be arrested or suffer some other serious penalty.  The second is when you receive an email or text message apparently from the IRS requiring you to verify information in order to receive your refund.  You supply this information by clicking on a link.  The third is when you receive a telephone call apparently from the IRS asking you to confirm personal information over the phone in order to receive your refund.  The fourth is when you receive a call, text message or email from your online tax preparation company requiring you to confirm personal information.

All of these are scams that will either directly steal your money or provide the identity thieves with personal information they can use to make you a victim of identity theft.


The IRS will not call you and threaten you in order to collect outstanding taxes and they will not require you to wire money to them.  Even if your Caller ID indicates it is the IRS calling, scammers using a technique called “spoofing” can make it appear on your Caller ID that it is the IRS calling when it is not.  If you get a call from someone purporting to be from the IRS initiating contact about collecting overdue taxes, it is a scam.  It is that simple.  Just hang up.

The IRS will not be contacting you by phone, email or text messages to confirm information regarding your tax return, so never provide personal information in response to being contacted in these ways by someone pretending to be with the IRS.  In addition, merely by clicking on a link contained in such electronic messages could download malware that could steal your personal information from your computer and use it to make you a victim of identity theft.

Phony emails or text messages from your online tax preparation company requesting personal information is a very prevalent scam this year.  Whenever you get an email or text message from anyone asking for personal information, do not provide it unless you have independently confirmed that it was legitimate.  Trust me, you can’t trust anyone.

Here is a link to the IRS’ recent warning.

Scam of the day – March 5, 2016 – New problems for victims of income tax identity theft

March 5, 2016 Posted by Steven Weisman, Esq.

Becoming a victim of income tax identity theft is very distressing.  Identity thieves file federal or state income tax returns in your name and using your Social Security number along with a counterfeit W-2 in order to claim a fraudulent refund.  According to the IRS, it paid out 5.8 billion dollars in 2013 to income tax identity thieves.  Often, it is not until the victim of income tax identity theft later files his or her own legitimate income tax return after the identity thief has filed one using the victim’s information that the IRS becomes aware that a crime has occurred.  It then takes, on average, 278 days before the IRS is able to investigate individual instances of income tax identity theft and return to the victimized taxpayer, his or her legitimate refund.

In an effort to reduce the chance that victims of income tax identity theft will not be victimized again, the IRS will issue, upon demand, an Identity Protection PIN, which is a six digit PIN to be used by the previously victimized taxpayer when filing his or her federal income tax return to insure that the income tax return filed is not from an identity thief.  Unfortunately, as recently reported by KrebsOnSecurity, the Identity Protection PIN program has been hacked by identity thieves due to the failure of the IRS to use a strong authentication protocol when someone tries to retrieve their PIN from the IRS.  Presently all that the person attempting to get the PIN has to do is answer four personal information questions, the answers to which can be easily obtained through various online sources including the victim’s Facebook page and other social media.  It was this same authentication vulnerability that led to the theft of personal information of 724,000 people through the IRS’ Get Transcript program.  This failure of the IRS to better protect people who have already been victims of identity theft is disappointing.


If you are one of the 2.7 million people who have an Identity Protection PIN, you should be aware that due to the vulnerabilities of the IRS’ authentication protocol, you are not as protected from becoming a repeat victim of income tax identity theft as you might have thought.  Therefore it is important to file your income tax return as early as possible in order to beat a potential income tax identity thief to the punch.  In fact, filing early is the best defense against income tax identity theft for everyone regardless of whether you have previously been a victim of income tax identity theft.

Scam of the day – March 3, 2016 – Identity thieves stealing W-2s

March 2, 2016 Posted by Steven Weisman, Esq.

Income tax identity theft is a multi billion dollar problem that costs the government and, by extension,  we the taxpayers billions of dollars each year while tremendously inconveniencing the individual taxpayers whose identities are stolen as it generally takes the IRS months to fully investigate each instance of identity theft and send to the victimized taxpayer his or her legitimately owed tax refund.  Armed with a potential victim’s name and Social Security number, it is a simple matter for an income tax identity thief to file a phony return with a counterfeit W-2 to obtain a fraudulent income tax refund.

Now, it appears sophisticated income tax identity thieves are stealing large numbers of legitimate W-2s containing all of the information the identity thieves need to file a fraudulent income tax return by sending phishing emails to HR and accounting departments within companies often posing as the CEO of the company or someone else in upper management requesting copies of all employee W-2s under various guises.  Other times, payroll management companies have been targeted using the same type of phishing emails.  In some instances, the phishing emails have been recognized as scams, but in other instances, companies have unwittingly handed over thousands of W-2s to clever identity thieves.


All companies have got to do a better job of training employees to recognize phishing emails and installing anti-phishing software programs.  In addition, dual factor authentication should be used before transmitting sensitive data to make sure that the person to whom the material is being sent is really who they represent they are.  These same lessons that apply to companies also apply to all of us as individuals, as well.  Phishing is done to steal the identities and information of unwary individuals every day and the best way to protect yourself is to start with remembering my motto, “trust me, you can’t trust anyone.”  Never provide personal information to anyone who asks for it by phone, text message or email unless you have absolutely confirmed that the request is legitimate and the person or company requesting the information has a legitimate need for the information.  Never click on links or download attachments from emails or text messages unless you have confirmed they are legitimate because those links and attachments could contain keystroke logging malware that can steal all of the information from your computer and use it to make you a victim of identity theft.  Finally, keep all of your electronic devices including your smartphone up to date with the latest security software patches.

Scam of the day – March 2, 2016 – Dangers to avoid when filing your income tax return electronically

March 2, 2016 Posted by Steven Weisman, Esq.

Millions of Americans file their federal income tax returns electronically.  In fact, if your taxable income is less than $62,000 you are eligible to file your federal income tax return for free using the IRS Free File program.  Filing your income tax return electronically can be both safe and convenient if done properly, but it also can be risky as evidenced by a recent study by the Online Trust Alliance, a nonprofit Internet Security firm which found that six of the thirteen companies used in the IRS Free File program had significant security issues that included failures to properly encrypt data. Here is a link to the Online Trust Alliance report:


So what can you do to make your electronic filing more secure?  Here is a list of good practices to follow:

  1.  Install security software on your computer or other electronic device you are using to file your income tax return and keep the software updated with the latest security patches.
  2. Don’t file your income tax return using public Wifi.
  3. Don’t store your income tax return on your computer.  Store it in a separate USB thumb drive.
  4. Beware of phony emails purporting to come from the company you are using to file your taxes that ask you to confirm your account information and password.  Phishing emails that appear to be from TurboTax are presently circulating.  Never provide information in response to such emails.  If you think the email might be legitimate, contact the real company independently from the email and you will find that the initial email was a scam.
  5. Make sure that all communications regarding your income tax return are encrypted.
  6. Use dual factor authentication in addition to passwords such as one-time codes sent to your smartphone or fingerprints whenever possible.
  7. Use a unique password for your online income tax return.
  8. To make sure that the income tax website you are on is legitimate, look for the green trust indicator in your browser address bar which means that the website is legitimate and has an Extended Validation SSL Certificate, which is mandated by the IRS.

Scam of the day – February 28, 2016 – IRS increases number of people affected by “Get Transcript” hacking

February 28, 2016 Posted by Steven Weisman, Esq.

Two days ago, the, the IRS announced that the hacking of its “Get Transcript” program, which they had originally announced in May  of 2015 and which was the subject of my Scam of the day for May 28, 2015 was far worse than either the number they originally indicated or the updated figure of a few months ago. While originally, the IRS stated that 114,000 people were affected by the IRS data breach, which was then increased to 220,000 people, now the IRS is saying that the number of people affected is 724,000.  The fact that it has been so difficult for the IRS to ascertain through its forensic investigation the number of people affected is a good indication of how serious the problem is.

As a result of the data breach, the IRS indicated in May that  it paid more than 50 million dollars in fraudulent returns filed using the information stolen from the IRS’ “Get Transcript” program. With the increased awareness of the much higher number of people affected by the data breach, the amount of payments made to the hackers may well increase.   The”Get Transcript” program enables taxpayers to get copies of their federal income tax returns from previous years.  People often use this service to get copies of earlier income tax returns for uses such as when they apply for a mortgage or financial aid for college.

Although many people were surprised at this hacking, Scamicide readers were not among them because here at Scamicide, we exposed this vulnerability in the “Get Transcript” program in our Scam of the day of April 3, 2015.  Apparently, the IRS doesn’t read Scamicide.  Maybe it should.

The problem with the system was in the authentication process used by the IRS to limit access to this information to the taxpayer who is seeking his or her own income tax returns.  In order to access the income tax returns, the system required the inquirer to provide his or her name, Social Security number, birth date, address and other personal identity verifications, such as what was your high school mascot or when you got a mortgage. The problem is that, in many instances, this information can be gathered by a diligent hacker from public data bases, social media where people provide this information to hackers, and data breaches.


If you are one of the newly discovered people affected by this data breach, you will get a letter, not an email, from the IRS and will be offered free credit monitoring services.  These letters will not require you to provide any personal information in response.  Any communication you get that purports to be from the IRS that requests that you provide personal information is not from the IRS, but from another scammer.

A lesson for all of us is to remember to try to protect the privacy of our Social Security numbers as best we can.  Most identity theft starts with the identity thief obtaining and exploiting the victim’s Social Security number.  Don’t provide it to companies with which you do business unless you absolutely must do so.  Medical care providers routinely ask you to provide this, but they have no need for this and the health care industry has been among the worst in protecting its data from being hacked.  In addition, people should be more careful as to the personal information they post on various social media that could be used by identity thieves as was done in this case.

The verification process of using personal identity verification information is fundamentally flawed in today’s world.  Better systems should be used, such as dual factor authentication where a code is sent to your smartphone when you need to access an account.

Scam of the day – February 3, 2016 – Online tax preparers hacked

February 3, 2016 Posted by Steven Weisman, Esq.

Online tax preparation company TaxAct has notified 450 of its customers that their accounts were accessed by unauthorized third parties between November 10, 2015 and December 4, 2015.  As a result of this unauthorized access, these customers’ formerly filed income tax returns were electronically taken by the hackers who were able to get their victims’ names, Social Security numbers, drivers’ license numbers and bank account information.  This information can be utilized by identity thieves for purposes of income tax identity theft.  The problem does not appear to have been as much a security breach by TaxAct as a lack of taking proper security precautions by their customers because the accounts were accessed through usernames and passwords stolen from other sources and then used to attack the victims’ accounts with TaxAct.  This is a major problem when people use the same username and password for multiple accounts.  If your security is breached at one company, your safety everywhere is threatened.  TaxAct also as a precaution froze the accounts of approximately 9,000 of its customers and informed them by email that in order to access their accounts this year, they will need to provide additional verification.

A few days ago, just a week after TaxAct’s customers were notified of the data breach, TaxSlayer, another online tax preparation company was also targeted by hackers, but no accounts were compromised.  One reason for this is that TaxSlayer requires further verification if someone attempts to log into their account at TaxSlayer from a different computer than the one used to initially set up the account.  This simple security measure can go a long way toward protecting online taxpayers from income tax identity theft.


First and foremost, everyone should use a unique password for each and every online account that you have.  It is not that difficult to do.  In addition, whenever you can use dual factor authentication, you should take the opportunity to do so.  With dual factor authentication, you receive a one time code by way of your smartphone each time you go to your online account.  Although this may seem like an inconvenience.  It is extremely useful and not terribly time consuming.