Posts Tagged: ‘income tax identity theft’

Scam of the day – March 2, 2015 – IRS phishing email

March 2, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes, as many others do, from my own email.  It is a phishing email currently being sent to people purporting to be from the IRS that attempts to lure people who receive the email into clicking on links in the emails in order to update their income tax information.  Unfortunately, when you click on the link one of two things will happen and both of them are bad.  In some instances, you will be prompted to provide personal information that will be used to make you a victim of identity theft.  In other instances, by clicking on the link, you will download keystroke logging malware that will steal information from your computer or other electronic device and use it to make you a victim of identity theft.

TIPS

The first indication that this is a phishing email is that although it purports to have been sent by the IRS, the email address from which it was sent is not that of the IRS.  Most likely the email address indicated is that of an innocent person whose email has been hacked into and taken over by an identity thief and made a part of a network of zombie computers used to send out such phishing emails.  This network is called a botnet.  In addition, the email asks you to validate your electronic filing status, which the IRS will never ask you to do.  If you need to get an Electronic Filing PIN in order to file your tax return electronically with the IRS, you will need to go to http://www.irs.gov/Individuals/Electronic-Filing-PIN-Request where you will be prompted to provide information to verify your identity before receiving a PIN.  In regard to the Form 1098 T that this phishing email describes, that is a form that educational institutions file with the government in regard to reimbursements or refunds of qualified tuition and related expenses.  The IRS would not be providing that form to you.

The most important thing to remember is that the IRS will never initiate contact with you on any matter by an email or text message so whenever you get one that purports to be from the IRS, you should just delete it.  If you have the slightest thought that any such communication is legitimate, you should merely contact the IRS directly to inquire about it.

Scam of the day – February 22, 2015 – IRS warns tax preparers of phishing emails

February 22, 2015 Posted by Steven Weisman, Esq.

Income tax identity theft is a huge problem that costs the taxpayers more than 5 billion dollars a year.  Identity thieves armed with an unwary victim’s Social Security number files, generally electronically, a phony tax return on behalf of the victim with a fake W-2 that shows a substantial fraudulent refund due.  If the legitimate taxpayer files his or her income tax return after the identity thief, the real income tax return will be flagged and a long investigation will occur before the real taxpayer is able to receive his or her legitimate refund.

Now the IRS is issuing a warning to accountants and other tax preparers about a phishing scam where the tax preparer receives what appears to be an email from the IRS asking the tax preparer to update their IRS e-services portal information and Electronic Filing Identification Numbers (EFINs).  Links are provided in the email for entering the tax preparer’s username and password which is what the identity thief sending this phishing email is seeking.  Once the identity thief has this information, it is easier for him or her to file phony tax returns.  The IRS is advising anyone who receives one of these emails to delete it after forwarding it to the IRS at phishing@irs.gov.

TIPS

As I have warned you many times, you can avoid phishing emails regardless of how clever they may be or how legitimate they may appear if you make it a practice to never click on links in emails, download attachments or provide personal information until you have absolutely confirmed that the communication is legitimate.  In this case, it is easy to call the IRS to confirm that this is a scam.  Even if the email or text message appears to have come from a trusted source, your trusted source may have had his or her email account or smartphone hacked so it is always necessary to confirm that any communication you receive is legitimate before clicking on links, downloading attachments or providing personal information.  Clicking on tainted links or downloading tainted attachments can result in keystroke logging malware being installed on your computer or other electronic device that will steal personal information from your computer or other electronic device and use it to make you a victim of identity theft.  Remember my motto, “trust me, you can’t trust anyone.”

Scam of the day – February 16, 2015 – Turbo Tax scam update

February 16, 2015 Posted by Steven Weisman, Esq.

As I reported to you previously, earlier this month following a rash of fraudulent state income tax filings using Turbo Tax software in nineteen states, Turbo Tax temporarily suspended electronic state income tax filings through Turbo Tax.  Although the matter is still under investigation, it does not appear that Turbo Tax was hacked.  More likely it is that identity thieves who already obtained the Social Security  numbers of their victims were using Turbo Tax’s convenient software to file fraudulent return in which they claim phony refunds.  On the federal level, this is a 5.2 billion dollar problem annually.  Now, enterprising identity thieves are sending out phishing emails that appear to be sent by Turbo Tax in which the email recipient is told that there is a problem with the person’s electronically filed income tax return and that they need to click on a link and provide personal information in order to rectify the problem.  This is a scam that is intended either to lure the victim into downloading keystroke logging malware that will steal personal information from the victim’s computer or other electronic device and use that information to make the person  a victim of identity theft or to lure the victim into providing the personal information directly to the identity thief posing as Turbo Tax.

TIPS

Whenever you get an email or a text message either asking for personal information directly or instructing you to click on a link, you should not respond until you have absolutely confirmed that the email or text message is legitimate.  Making a counterfeit email look official is child’s play so even if the communication looks legitimate, you should not trust it.  The better course of action is to contact the company directly at a telephone number, email address or website that you know is legitimate to confirm whether the original communication was legitimate.  Scammers and identity thieves always take advantage of the latest public concerns to convince people to provide information used to make them victims of identity theft.

Scam of the day – February 10, 2015 – Turbo tax and income tax identity theft

February 10, 2015 Posted by Steven Weisman, Esq.

A few days ago, Intuit, the maker of Turbo Tax temporarily suspended the use of its state income tax filing software due to, what the company referred to as, “an increase in suspicious filings.”  After a couple of days, the company restored the usability of the state income tax filing software.  The issue came to a head recently when Minnesota’s Department of Revenue said it would no longer accept online tax filings using Turbo Tax because of problems with income tax identity theft.  The problem, however, is not with Turbo Tax, but rather with the entire system for filing state and federal income taxes online.  Once they have stolen someone’s Social Security number, identity thieves are finding it quite easy to file a phony income tax return using the Social Security number of the person whose identity they have stolen along with phony W-2 figures claiming a substantial refund.  Since neither the states nor the IRS compare the W-2 figures contained in tax returns with those filed by employers before sending out a refund, income tax identity theft is a low risk, high reward criminal enterprise which cost taxpayers more than 5.2 billion dollars last year in phony federal refunds.

TIPS

The key to protecting yourself from income tax identity theft is two-fold.  First, protect the privacy of your Social Security number as much as possible and second, file as early as possible in order to beat an identity thief to the punch.

Scam of the day – February 9, 2015 – Break-in at Liberty Tax preparers

February 8, 2015 Posted by Steven Weisman, Esq.

Earlier this week burglars broke into the office of Liberty Tax in Highland, California and stole paper customer files as well as computers used in the office.  Liberty Tax is a nationally franchised tax preparation organization.  According to the San Bernadino County Sheriff’s Department, the thieves obtained the names, addresses and Social Security numbers of “a large number of clients” as well as credit card information of some clients.  Obviously this puts the affected customers in great danger of identity theft.

TIPS

Affected Liberty Tax customers should immediately put a credit freeze on their credit reports at each of the three major credit reporting bureaus if they do not already have credit freezes in place.  You can find information about how to put credit freezes on your credit reports by going to the archives of Scamicide.  Accountants and tax preparers will, by the nature of their business have much sensitive personal information of their clients, which means that it is incumbent upon all of us who use accountants or tax preparers to inquire about what they do to protect the security of physical documents and computerized data.  All sensitive electronic data should be encrypted.  In addition, many identity thieves pose as tax preparers in order to gain access to personal information of their victims for purposes of identity theft.  Before you choose a tax preparer you should investigate him or her thoroughly.  Make sure they are registered with the IRS and look into whether they have had any charges or disciplinary actions taken against them.

Scam of the day – January 22, 2015 – Tarrish Tellis convicted of income tax identity theft

January 22, 2015 Posted by Steven Weisman, Esq.

We are just at the start of the income tax identity theft season;  income tax identity thieves file early (and often) in order to get their fraudulent income tax returns to the IRS before the victim files his own legitimate income tax return.  The theory behind income tax identity theft is simple and effective.  The identity thief steals someone’s Social Security number and then files a phony income tax return using that Social Security number with phony W-2s or 1099s that can fool the IRS into sending a large, fraudulent refund.  It doesn’t help matters that the IRS still does not match the legitimate W-2s and 1099s sent by employers with those filed by tax filers until late in the summer, long after theirs has sent refunds, but that is another story.

Tarrish Tellis was recently convicted of filing fraudulent income tax returns and stealing more than $700,000 from the IRS through fraudulent refunds obtained as a result of the phony tax returns.  Tellis obtained the Social Security numbers and names of 700 victims from an employee of the Alabama Medicaid State Agency.  Tellis is scheduled for sentencing on April 15th.

TIPS

The two best things you can do to protect yourself from income tax identity theft are to keep your Social Security number as safe, secure and private as possible and file your income tax return as early as possible to beat the identity thief to the punch.  As shown by the fact that the victims in this case became victims through no fault of their own, but due to the criminal acts of an employee of an agency that had access to their personal information, it is once again abundantly clear that we are only as safe as the places that hold our personal information with the worst security.

Scam of the day – January 17, 2015 – Ghana Johnson indicted for income tax identity theft

January 17, 2015 Posted by Steven Weisman, Esq.

Recently, an Ohio woman, Ghana Johnson was indicted on federal charges related to income tax identity theft in which she is accused of filing 106 phony income tax returns and claiming $476,000 in phony refunds using stolen Social Security numbers and falsified W-2s and other income records.  She is accused of obtaining the Social Security numbers and other personal information primarily through stealing the admission records from a medical and dental assistant school in Cleveland as well as through holding herself out as a legitimate tax preparer and thereby gaining information from family members, friends and others who she cheated.

TIPS

With the start of the year, income tax identity theft will shortly be in full swing because income tax identity thieves rush to file phony returns before the legitimate taxpayers whose information they have stolen file their own legitimate returns.  It is for this reason that the earlier you file, the safer you will be from income tax identity theft.  Income tax identity theft is a multi-billion dollar crime that is only getting worse and due to IRS budget cuts and failure to enact sufficient security measures can be expected to be worse this year.  Things you can learn from this particular case are to limit, as much as possible, the places that hold your personal information, particularly your Social Security number and make sure that any tax preparer you use is legitimate.

Scam of the day – December 5, 2014 – Identity thief convicted and sentenced to 90 months in prison

December 4, 2014 Posted by Steven Weisman, Esq.

Norman Perry was recently convicted of aggravated identity theft and sentenced to 90 months in prison.  Perry’s scheme is startlingly simple and stands as a good lesson to all of us.  He took out advertisements in which he promised, for a fee,  to find lost and unclaimed funds for people.  Each state has an unclaimed property  program where abandoned or lost funds such as unclaimed security deposits, dividends or bank accounts are turned over to the state by businesses holding these funds.  Perry represented that he had unique skills in finding these funds for people and retrieving the funds for his clients/victims.  He informed his victims that in order to retrieve the funds on their behalf, he would need their names, Social Security numbers and addresses.  In fact, this information is required in order to retrieve funds through unclaimed property programs.  However, Perry had no intention of finding abandoned funds on behalf of his clients.  He took the personal information his victims provided to him and filed phony income tax returns on their behalf and received $135,743 in refunds from the IRS.

TIPS

There are companies that do the services Perry claimed to do, but there is absolutely no need to pay anyone to do this for you because you can do the same search for unclaimed property yourself at no cost.  There is no reason to provide your personal information to anyone in order to find unclaimed or abandoned property.  Here is a link to the website of the National Association of Unclaimed Property Administrators.  All you need to do is to click on the state where you wish to see if any property is being held on your behalf and you will be directed to the program for your particular state.  The process is simple and has no cost. http://www.naupa.org/

The lesson of Norman Perry’s crime is a simple one.  Never provide personal information, particularly your Social Security number to anyone unless you are absolutely sure that they are honest and have a need for your information.

Scam of the day – November 30, 2014 – Prisoners receive 70 million dollars of refunds for phony income tax returns

November 29, 2014 Posted by Steven Weisman, Esq.

Income tax identity theft is a huge problem, which last year alone cost the federal government and, by extension, we, the taxpayers, more than five billion dollars in refunds paid by the IRS to identity thieves filing phony returns, often using stolen Social Security numbers of innocent taxpayers.  However, according to a recent report by the Treasury Inspector General for Tax Administration (TIGTA), phony income tax returns filed by criminals who are already incarcerated cost the IRS more than seventy million dollars in 2012, the most recent year for which TIGTA had records.  Although the IRS noted that it had identified and prevented more than 100,000 phony refund-claiming income tax returns, TIGTA concluded in its report that “Tax refund fraud associated with prisoners remains a significant problem for tax administration.”  TIGTA also found that the IRS had failed to implement four of six recommendations of TIGTA in regard to reducing income tax fraud by prisoners.

TIPS

Income tax identity theft is a major problem.  In regard to tax refund fraud associated with prisoners, it is not known to what extent prisoners are filing fraudulent tax returns using the Social Security numbers of other people because the IRS has not, as required, reported to Congress in a timely basis reports that indicate the extent to which prisoners are filing fraudulent tax returns using the Social Security numbers of other people.  As for the rest of us, fraudulent income tax returns filed by identity thieves using stolen Social Security numbers is a major problem.  The key to protecting yourself from this threat is to file your income tax return as soon as possible in order to beat an identity thief to the punch and to protect the privacy of your Social Security number as much as possible.

Scam of the day – October 28, 2014 – Healthcare worker pleads guilty to identity theft

October 28, 2014 Posted by Steven Weisman, Esq.

Florida medical assistant La Toya Yvette Tillman has been convicted of aggravated identity theft and sentenced to three years in prison.  Through her work at Gastroenterology Consultants she was able to access the database for the entire Memorial Healthcare System, one of the largest health care systems in the country.  Tillman stole personal information including patients’ names, dates of birth and Social Security numbers which she sold by the thousands to identity thieves who, in turn, used the information to file fraudulent income tax returns and commit income tax identity theft.  The lack of security in the health care industry nationwide is far worse than that of retailers such as Target, Home Depot and others that have been the victims of major data breaches.  This case in particular points to the problem of insider identity theft where rogue employees, having access to personal information of patients are able to steal that information.   Regardless of how strong a company’s security is to withstand an attack from outside of the company, it is necessary to combine that security with strong security from threats within the company.

TIPS

This should be a wake up call to many companies and not just those in the health care industry to better protect the privacy of their data banks from threats within the companies as well as outside of the companies.  Too much information is readily accessible in many companies to too many people in the companies with no need to have access to that information.  However, this case also is a good example of companies having access to Social Security numbers, the key to identity theft when they don’t need this information.  People think that medical care providers need your Social Security numbers, when in fact the main reason medical care providers and others demand the number is to make collection of overdue bills easier for them.  Try to limit as much as possible the companies to which you provide your Social Security number to those that truly have a need for it.  The information stolen by La Toya Yvette Tillman would not have been sufficient for her accomplices to file fraudulent tax returns if the Social Security numbers were not included in the stolen data.