Scam of the day – June 14, 2017 – IRS improves its handling of income tax identity theft

Income tax identity theft, by which identity thieves file phony income tax returns with counterfeit W-2s using the Social Security number and name of their victims is still a major problem for the IRS and taxpayers costing us all billions of dollars each year.  However, when someone has stolen your Social Security number and filed an income tax return using your name, the problem becomes particularly personal.

In 2015 I reported to you about a report of the Treasury Inspector General for Tax Administration (TIGTA) in which it disclosed that despite IRS assurances to the contrary, it took the IRS an average of 278 days to resolve individual income tax identity theft cases and return the rightfully owed tax refund to the victimized taxpayer.  In a heartening example of some good news, TIGTA has recently reported that the IRS has lowered the time to resolve the income tax identity theft cases of individual taxpayers to 166 days, which, although to my mind, is still too long, is a significant improvement.

TIPS

Along with protecting the privacy of your Social Security number as much as possible, the best thing you can do to protect yourself from income tax identity theft is to file your income tax return as soon as possible in order to make sure your return is filed prior to that of an identity thief.  Income tax identity theft only works if the identity thief files a tax return before you do.

If you do find yourself a victim of income tax identity theft, you should file a police report immediately and then file a paper tax return with an attached Form 14039 Identity Theft Affidavit along with a copy of the police report to the IRS to hasten the process of recovering your tax refund.

March 28, 2017 – Steve Weisman’s latest column for USA Today

Here is a link to my latest column for USA Today in which I discuss the latest income tax scams.  Income tax scams are always evolving and you need to know how to recognize and avoid these scams.

http://www.usatoday.com/story/money/columnist/2017/03/28/beware-evolving-income-tax-scams/99408936/

Scam of the day – March 7, 2017 – Prisoner convicted of income tax identity theft while in prison

Daniel Aaron Stone has pleaded guilty to charges related to income tax identity theft and will be sentenced later this year.  However, it is unlikely that Stone’s address will change once he is sentenced because he is already serving time in federal prison and was doing so at the time he committed his new crimes.

This is just an example of how easy it is to accomplish income tax identity theft.  All it takes is the names and Social Security numbers of the intended victims.  Using this information, it is a simple matter to electronically file a fraudulent income tax return with phony W-2 information.  If the phony return is filed before the victim files his or her income tax return, there is a good chance that the IRS will send the requested refund to the income tax identity thief.

TIPS

Try as it may, the IRS is having a difficult time stopping income tax identity theft.   Along with protecting your personal information, particularly your Social Security number as much as you can, the best thing you can do to avoid becoming a victim of income tax identity theft is to file your income tax return early.  Income tax identity theft can only work when the criminal is able to file an income tax return using your name and Social Security number before you file your own legitimate income tax return so consider filing as early as possible.

Scam of the day – January 19, 2017 – W-2 scam

We have just come out of the holiday season which is, perhaps, the biggest time of the year for scams and now we are entering the income tax season which probably runs a close second when it comes to scams.

Employers are now sending out W-2 forms to employees which are necessary for the employees to complete their income tax returns.  Many employers will send an email to employees about obtaining their W-2s online and scammers are taking advantage of this by sending emails that appear to come from the potential victim’s employee which contain a link to be used to view and then print the victim’s W-2.  However, when scammers send these phishing emails they are seeking the username and password of the victim which will be provided to the scammer when the victim clicks on the link and provides this information when prompted.  This can lead to identity theft.  In another variation of this scam, merely by clicking on the link, the victim downloads keystroke logging malware that will steal all the information in the victim’s computer and use it to make the person a victim of identity theft.  In yet another variation of the scam, clicking on the link will download dangerous ransomware.

TIPS

Employers will generally not include a link in legitimate emails to access their W-2 forms online.  Instead they will instruct the employee to go directly to this information at the appropriate department within the employer using their username and password separately.    Even if your employer were to provide a link in such a legitimate email, you could never be sure that the email was from your employer so you should not click on the link.  It is better to independently go to the department of your employer that has this information.

Scam of the day – January 4, 2017 – Income tax scams

Income tax identity theft is a major problem that costs taxpayers billions of dollars and can delay your tax refund by many months while the IRS investigates the matter.  While the IRS has gotten somewhat better at discovering income tax identity theft before paying out a fraudulent return, they are still nowhere near as good as they can and should be in preventing this type of crime.

The crime itself is quite simple.  An identity thief uses your Social Security number obtained in any number of ways and files a phony income tax return using a counterfeit W-2 to claim a sizable refund.  If the IRS pays a refund, which they often do, in response to the phony income tax return, the person whose Social Security number was used in filing the phony income tax return will find that the IRS will flag their legitimate income tax return when it is later filed because of it being the second income tax return filed with the same Social Security number.  It takes the IRS 278 days on average to investigate incidents of income tax identity theft causing the victims to have to wait that long before they can receive their legitimate income tax refund.

The vast majority of people file their income tax returns electronically so it should come as no surprise that a scam that is now being perpetrated involves an email you receive that appears to come from the IRS asking you to update your e-filing information including  your Social Security number and bank account information.  Don’t do it.  It is a scam.  The IRS will not communicate with you by emails or text messages.

TIPS

The simplest way to avoid income tax identity theft is to file your income tax return as early in the year as possible in order to beat the identity thief to the punch.  If your legitimate income tax return is filed before the identity thief tries to file an income tax return using your Social Security number, your refund will have already been sent by the IRS.

As for avoiding the phishing emails that appear to come from the IRS, the easiest way to avoid this scam is to follow the rule of never providing personal information in regard to an email until you have confirmed that the email is legitimate and there is a legitimate need for the information to be provided.  In this case, in particular, you don’t need to even bother to look into whether the email is legitimate or not because the IRS will never initiate contact with you by an email so you can ignore it.

 

Scam of the day – December 25, 2016 – Identity thief mastermind sentenced

Earlier this week, Kevin Brown was sentenced to eleven years in prison for masterminding an income tax identity theft operation that stole the identities of 130 people and filed phony income tax returns in their names in an attempt to steal more than 20 million dollars in bogus refunds.  In May of 2016 Marc A. Bell, a juvenile justice worker was sentenced to four years in prison for his role in the income tax identity theft ring which operated out of a Washington D.C. barbershop owned by Brown.  Bell used his position at the D.C. Department of Youth Rehabilitation Services to steal the Social Security numbers and other personal information of juvenile offenders which he provided to Brown,  who used the information to file phony income tax returns with counterfeit W-2s to claim the phony refunds.  In addition to the juvenile offenders personal information, Brown used stolen information of the elderly and drug addicts in his scam.

TIPS

This case again emphasizes that regardless of how protective you are of your personal information, most importantly, your Social Security number, which is the key to identity theft, you are only as secure as the places that have your personal information.  This case also serves as a reminder to limit the places that do have your Social Security number.   Many companies, agencies and institutions, particularly medical facilities, routinely ask you to provide your Social Security number when they have no need for it.  A good practice to follow is to inquire as to providing another type of identifying number such as your driver’s license rather than giving your Social Security number when it is not needed.  Some people have dealt with companies that don’t have a legitimate need for your Social Security number, but still require you to provide it by giving a different number.  A popular number used for this purpose over the years has been former President Richard Nixon’s Social Security number which was readily available on the Social Security Administration’s Death Master File until recently.  That number is 567-68-0515.  Of course, I do not recommend that you use it.

It is also important to remember that the best way to defeat an income tax identity thief is to file your income tax return early, before an income tax identity thief can file one using your Social Security number.

Scam of the day – October 29, 2016 – IRS impersonation scam busted

Following an exhaustive three year joint investigation by numerous federal agencies  led by the Justice Department, indictments were announced Thursday of 56 people and 5 illegal call centers accused of posing as IRS agents, calling unsuspecting victims in the United States and threatening them if they did not pay phony tax bills. Although the people indicted, including 20 who have already been arrested, were in both the United States and India, the call centers were all located in Ahmedabad India.  The alleged scammers obtained the names of their potential victims from various legitimate data brokers.  These indictments were not related to the police raid earlier this month in India which resulted in the arrest of 70 people charged similarly.

According to the Justice Department,the scammers used a network of co-conspirators in the United States to launder the funds obtained from the victims, most commonly through prepaid debit cards or wire transfers.  The prepaid debit cards were laundered using information stolen from thousands of identity theft victims.  The biggest amount paid by a victim of this scam was paid by a Californian who paid $136,000 to the scammers.

TIPS

This scam is easy to avoid.  Don’t trust your Caller ID because by using a technique called spoofing, a scammer can make his or her call appear to be from the IRS on your Caller ID.  Trust me, you can’t trust anyone.  The easiest way to recognize if a call from the IRS demanding money is a scam is to be aware of the fact that the IRS will never initiate contact with a taxpayer to collect overdue taxes by a phone call, email or text message. Any such communication is from a scammer so you should just ignore it.   Additionally, unlike the IRS, the scammers often demand that payments be made immediately by prepaid debit cards, wired funds or even iTunes gift cards, which is something that the IRS will never do.

Scam of the day – October 21, 2016 – Report issued critical of IRS efforts to fight identity theft

Yesterday, the Treasury Inspector General for Tax Administration (TIGTA) issued a report regarding its investigation into the IRS’ electronic authentication controls.  The investigation was prompted by identity thieves using the IRS’ Get Transcript program to obtain the former income tax returns filed by an estimated 724,000 taxpayers and use the information contained in those income tax returns to file phony income tax returns using the names of the victimized taxpayers and obtain fraudulent refunds.   The IRS did not become aware of the vulnerability of the Get Transcript program until May of 2015 and shut down the program until it was reintroduced with what the IRS said was increased security in June of 2016.   The idea behind the IRS’ Get Transcript program was a good one, namely permitting taxpayers to get access to copies of their tax returns from previous years conveniently and electronically.  An essential element of such a program is a strong authentication process to keep identity thieves from accessing this sensitive material and unfortunately, the authentication protocol used by the IRS was quite inadequate and did not meet industry standards resulting in the data breaches affected 724,000 taxpayers.  In one instance the TIGTA report indicated that the IRS missed an attempt by a hacker to attempt to gain access to a victim’s tax return 902 times in a single 24 hour period.

The TIGTA report made seven specific recommendations for increased IRS security in regard to the electronic authentication process to gain access to taxpayers’ records and the IRS has agreed with all seven, however, a number of the recommendations have still not been implemented by the IRS and the system is still not as secure as it should be.

TIPS

The best way to avoid income tax identity theft is to file your income tax return as soon as possible because even an identity thief in possession of your Social Security number and other personal information that would enable him or her to file a phony income tax return in your name would not be able to get a payment from the IRS if you had already filed your return.

Scam of the day – September 20, 2016 – Income tax identity thief sentenced

Jesse Scott Wilson  of Alaska was recently sentenced to 92 months in prison for his role in an income tax identity theft ring that electronically filed at least 428 phony income tax returns using stolen Social Security numbers resulting in refunds of $681,258 being paid to Wilson and his three cohorts.  Wilson will not have to go far in order to start his prison sentence because both he and his fellow conspirators were already incarcerated in an Alaska prison throughout the time that they managed to pull of their crime.  This just serves as an example of how incredibly easy it has become for someone to commit income tax identity theft which costs the American taxpayers billions of dollars each year.

In 2015 the IRS instituted a new cooperative effort between the IRS, state tax administrators and private tax preparation leaders.  Included among the steps being taken are review by the IRS of the IP address of computers filing income tax returns to identify computers filing multiple returns and reviewing the time it takes to complete an electronic income tax return which can also help identify fraudulent returns since completing a fraudulent return generally takes less time than a legitimate return.  In addition, income tax preparation software companies will be using enhanced validation protocols including increased use of security questions.

However, all of these steps which are expected to cost taxpayers an additional 281 million dollars to implement totally miss the point.  The easiest and simplest way to dramatically reduce income tax identity theft still is not being done by Congress, namely changing the laws regarding employers filing of W-2s.  Under present law, for the upcoming tax filing season, employers must file W-2s with the federal government by February 29th if they file paper W-2s and as late as March 31st if they file, as so many do, electronically.  Unfortunately Congress in its infinite wisdom requires these W-2s to be filed with the Social Security Administration (SSA) by those dates.  The SSA does not send the W-2s to the IRS until July so the IRS does not get around to matching the W-2s filed by employers with those filed by individual taxpayers with their income tax returns until months after the IRS has already sent a refund based on the W-2 filed by the taxpayer or identity thief.  In order to dramatically reduce income tax identity theft, all Congress has to do is merely require employers to file W-2s with the IRS instead of waiting for the SSA to send them to the IRS.  It also would make much more sense than Congress appears to have to require the IRS to match those employer filed W-2s with those filed by individual taxpayers BEFORE sending out a refund in order to easily identify counterfeit W-2s.  For years Congress has been advised to make these simple changes, but it still fails to do so.

TIPS

Try as it may, the IRS is having a difficult time stopping income tax identity theft by which an identity thief steals your personal information and files a phony income tax return using your name and gets a refund.  Along with protecting your personal information, particularly your Social Security number as much as you can, the best thing you can do to avoid becoming a victim of income tax identity theft is to file your income tax return early.  Income tax identity theft can only work when the criminal is able to file an income tax return using your name and Social Security number before you file your own legitimate income tax return so consider filing as early as possible.

Scam of the day – July 4, 2016 – Steve Weisman’s latest column from USA Today

Sometimes the job of protecting ourselves from identity theft can seem to be overwhelming, which is why I wrote this column for USA Today that provides you with some simple and easy to take steps to reduce your chances of becoming a victim of identity theft.  Here is a link to that column.

http://www.usatoday.com/story/money/columnist/2016/07/02/simple-steps-avoid-identity-theft/85697192/