Posts Tagged: ‘income tax identity theft’

Scam of the day – June 15, 2015 – New IRS policies implemented to thwart identity theft

June 15, 2015 Posted by Steven Weisman, Esq.

The good news is that late last week the IRS initiated new policies to help reduce income tax identity theft which costs taxpayers 5 billion dollars per year.  The better news is that the new policies include significant information sharing between private companies such as Intuit, which makes the popular Turbo Tax program which has been utilized by identity thieves to accomplish income tax identity theft and the IRS.  The cooperation and information sharing between the IRS and private companies involved with income tax preparation will aid in the recognition of new forms of identity theft and the development of defenses.

Included among the new policies being implemented are the crosschecking of electronically filed returns with Internet addresses and computer addresses as well as scans that will determine the time it took to complete an online return to help determine when a fraudulent return is being filed.

However the bad news is that Congress still hasn’t taken the most basic step necessary to dramatically reduce  income tax identity theft, namely requiring employers to send W-2s to the IRS directly and in a timely fashion before the IRS sends out tax refunds.  Presently, employers file their W-2s with the Social Security Administration (SSA) in February or March depending on whether the W-2s are filed electronically or on paper.  The SSA does not get around to sending the W-2s to the IRS until late July so that by the time the IRS compares the actual W-2s with the information contained in income tax returns, the IRS has already sent out billions of dollars of fraudulent refunds.  The simple step of requiring companies to file their W-2s with the IRS early in the tax season so that the IRS can compare the real W-2s with the information contained in filed income tax returns before sending out refunds could eliminate a large amount of income tax identity theft.


The best way for all of us as individual taxpayers to avoid becoming a victim of income tax identity theft is to protect the privacy of our Social Security numbers and file our legitimate income tax returns as early as possible.  Income tax identity theft can only be accomplished if the identity thief has your Social Security number and files an income tax return before you file your legitimate return.

As for Congress, how many more billions of taxpayers dollars needs to be lost to income tax identity theft before they take the simple step of reforming the laws regarding the filing of W-2s?

Scam of the day – June 4, 2015 – IRS changes identity theft policy

June 4, 2015 Posted by Steven Weisman, Esq.

The IRS, which has not been covering itself in glory, as it tries to respond to the multi-billion dollar problem of income tax identity theft recently got something right.  In response to a request from New Hampshire Senator Kelly Ayotte, the IRS is changing its policy regarding providing copies of fraudulent income tax returns to victims of income tax identity theft where their names and Social Security numbers were used to file fraudulent income tax returns seeking phony refunds.  Believe it or not, until now the victims of income tax identity theft were prevented from seeing the income tax returns filed using their names and Social Security numbers because it violated the privacy rights of the criminals who filed those returns.  Pursuant to the IRS’ new policy, the victims of income tax identity theft will now be able to see those returns, which can provide a window through which the victims can see the extent of the theft of their personal information and put the victims in a better position to understand the extent of the harm, which is the first step in remedying the problem.


The two best things you can do to protect yourself from becoming a victim of income tax identity theft are to file your income tax return as early as possible to beat the identity thief to the punch.  If you file before the identity thief does, the identity thief’s return will not be accepted by the IRS.  The second thing everyone should do is to protect the privacy of your Social Security number as much as possible.  The more places that have your Social Security number, the more you are in jeopardy of identity theft.  Also, never carry your Social Security card with you in your wallet or your purse.  Having your cash stolen is much less of a problem than having your identity stolen and if your Social Security number falls into the hands of an identity thief, the crime is all but done.

Scam of the day – May 28, 2015 – Hackers steal personal information from IRS

May 28, 2015 Posted by Steven Weisman, Esq.

On Tuesday, many people were surprised when the IRS announced that it was shutting down its “Get Transcript” system which enables taxpayers to get copies of their federal income tax returns from previous years.  People often use this service to get copies of earlier income tax returns for uses such as when they apply for a mortgage or financial aid for college.  The IRS shut down this service because it just became aware that vulnerabilities in the system resulted in hackers attacking the system from mid February until now posing as legitimate taxpayers and getting copies of  income tax returns which could provide information that would enable the hackers to steal the identities of their victims and file phony income tax returns in the names of their victims and claim bogus refunds.  According to the IRS, sophisticated hackers tried to hack the system 200,000 times and were successful in 104,000 of their attempts.

Although many people were surprised at this hacking, Scamicide readers were not among them because here at Scamicide, we exposed this vulnerability in our Scam of the day for April 3, 2015.  Apparently, the IRS doesn’t read Scamicide.  Maybe it should.

The problem with the system is in the authentication process used by the IRS to limit access to this information to the taxpayer who is seeking his or her own income tax returns.  In order to access the income tax returns, the system required the inquirer to provide his or her name, Social Security number, birth date, address and other personal identity verifications, such as what was your high school mascot or when you got a mortgage. The problem is that, in many instances, this information can be gathered by a diligent hacker from public data bases, social media where people provide this information to hackers, and data breaches.


If you are one of the 104,000 people affected by this data breach, you will get a letter, not an email, from the IRS and will be offered free credit monitoring services.  These letters will not require you to provide any personal information in response.  Any communication you get that purports to be from the IRS that requests that you provide personal information is not from the IRS, but from another scammer.

A lesson for all of us is to remember to try to protect the privacy of your Social Security number as best you can.  Most identity theft starts with the identity thief obtaining and exploiting the victim’s Social Security number.  Don’t provide it to companies with which you do business unless you absolutely must do so.  Medical care providers routinely ask you to provide this, but they have no need for this and the health care industry has been among the worst in protecting its data from being hacked.

The verification process of using personal identity verification information is fundamentally flawed in today’s world.  Better systems should be used, such as dual factor authentication where a code is sent to your smartphone when you need to access an account.

Scam of the day – April 26, 2015 – Intuit sued regarding income tax identity theft

April 26, 2015 Posted by Steven Weisman, Esq.

A lawsuit has been filed in the Federal District Court for the Northern District of California by Christine Diaz and Michelle Fugatt against Intuit, the maker of TurboTax, the popular tax preparation software used by so many people to file both state and federal income tax returns.  Christine Diaz had not used TurboTax since 2011, however someone had managed to access her online TurboTax account to file state income tax returns in Michigan, Missouri, Ohio and Oklahoma as well as a federal income tax return using her Social Security number and name.  Interestingly, the other plaintiff, Michelle Fugatt, had never used TurboTax, but someone managed to set up an account in her name and file an income tax return using her name and Social Security number through TurboTax.

The lawsuit, which will most likely seek class action status to represent many more victims of income tax identity theft tied to TurboTax, alleges that TurboTax has negligently poor security which caused the plaintiffs to become victims of income tax identity theft.  TurboTax has indicated that about 60% of the fraudulent income tax returns filed using TurboTax software used personal information including Social Security numbers stolen from places other than TurboTax to set up TurboTax accounts to file phony income tax returns.  The remaining 40% of fraudulent income tax returns using TurboTax, the company says, can be traced back to identity thieves who have been able to hack into the accounts of TurboTax customers and gain access to personal information including past tax returns and then use that information to file phony tax returns.

Presently the FBI is investigating the tie between income tax identity theft and TurboTax.


Electronic filing has been a boon to legitimate taxpayers looking for a convenient way to file their income tax returns and more quickly get their refunds.  However, it has also been a boon to identity thieves.  In 2010 there were 500,000 fraudulent income tax returns filed electronically with the IRS, however, this number rose to close to 2 million in just three years and it shows no signs of slowing down.  Fraudulent income tax returns largely filed electronically cost the IRS and, in turn, the American taxpayers 5.8 billion dollars in fraudulent refunds paid by the IRS to income tax identity thieves.

TurboTax has recently added new security provisions including a requirement that TurboTax customers provide a code that TurboTax sends to their smartphone or email address in order to access their accounts from a computer other than their home computer

However, much of the security problem is caused by TurboTax users themselves.  Too many people use the same user name and password for all of their accounts so if this information is stolen by hackers from another account of the victim, it can be used to access their TurboTax account.  In addition, many taxpayers become victims because they are too careless in protecting the privacy of their Social Security number either on their computer or in paper documents.

Finally, a particularly safe way to use TurboTax, so long as your computer is protected by good anti-malware and anti-virus software is to use the desktop version of TurboTax rather than the online version so that TurboTax never has a record of your information.

Scam of the day – April 15, 2015 – TIGTA report on income tax identity theft

April 14, 2015 Posted by Steven Weisman, Esq.

The April 15th deadline for the filing of federal income taxes has come and gone, but if you have become a victim of income tax identity theft this tax season, your problems have only just begun. Income tax identity theft occurs when an identity thief files an income tax return using the name and Social Security number of a legitimate taxpayer and claims a refund based generally on a counterfeit W-2.  If you discover that you are a victim of income tax identity theft this year, your problems have just started. According to a recently released report by the Treasury Inspector General for Tax Administration (TIGTA), although the IRS has made some progress in assisting the innocent victims of income tax identity theft in getting their legitimate refunds, it still takes, on average, 278 days to resolve the claim of a victim of income tax identity theft although the IRS routinely tells taxpayers that they can expect their claims to be resolved within 180 days. According to the TIGTA report, the range of time it takes the IRS to resolve an income tax identity theft victim’s account and pay the legitimate refund ranged from a commendable low of 16 days to an inexcusable high of 762 days.


So what should you do if you are a new victim of income tax identity theft?    Filing a police report immediately is very important in order to document your claim.  Although this is the era of electronic communications, the next thing you should do is mail to the IRS a paper tax return with an attached Form 14039 Identity Theft Affidavit and the police report.  According to the IRS, this will shave an average of 54 days off the time it takes the IRS to process your claim.   Your case will then be assigned to an IRS employee to assist you with clearing your name and getting your refund. As a victim of identity theft, you also are eligible to receive an Identity Protection Personal Identification Number (IP PIN) to use for future income tax returns to protect you from becoming a victim again of income tax identity theft.  You also should put a credit freeze on your credit report because if someone is able to file an income tax return on your behalf, they have access to your Social Security number which they could also use to access your credit report and obtain credit in your name.  Putting a credit freeze on your credit report will thwart future attempts by an identity thief to access your credit.  You can find information about credit freezes and how to put one on your credit reports at Experian, Equifax and Transunion by going to the Archives section of Scamicide.

Scam of the day – April 3, 2015 – Yet another new income tax identity theft scam

April 3, 2015 Posted by Steven Weisman, Esq.

Earlier this week, Krebs on Security reported that one of its readers, Michael Kasper had become a victim of income tax identity theft in a new manner.  The IRS provides free electronic filing through its Free File Software for people with incomes of $60,000 or less and its Free File Fillable Forms for people with incomes of more than $60,000 and it is the Free File Fillable electronic filing program that was used by an identity thief to file an income return electronically and claim a $8,926 refund based on upon falsified W-2 information provided by the identity thief on the return.   Kasper became aware of the problem when he went to file his income tax return using Turbo Tax and was informed that an income tax return using his name and Social Security number had already been filed and the refund sent electronically to a bank from which Kasper later learned that substantial amounts of the refund had already been depleted from the account using a debit card.  Kasper has indicated great frustration with the manner in which the IRS has handled the investigation and further believes that the identity thief had accessed Kasper’s previous federal income tax returns using the IRS’  Get Transcript program by which taxpayers can obtain copies of previous income tax returns after providing verification of the taxpayer’s identity through answering questions, the answers to which are too often readily available online.


Income tax identity theft continues to be a huge problem costing taxpayers an estimated 5.9 billion dollars this year alone.  One thing that taxpayers can do to reduce their chances of becoming a victim of identity theft is to file their income tax returns as soon as possible in order to limit the opportunity for an identity thief to file one first in the taxpayer’s name.  Protecting your Social Security number and other personal information is also of paramount importance for taxpayers to protect themselves.  However, we are all only as safe as the places that hold our personal information with the weakest security.  Although Michael Kasper does not have evidence that his personal information was accessed from the IRS by the identity thief who victimized them, the IRS’ data security is not as strong as it should be and just last month was the subject of a General Accountability Office (GAO) investigation in which the GAO detailed numerous security failings of the IRS that need to be addressed.  Here is a link to the highlights of the GAO report.

Scam of the day – March 30, 2015 – A new wrinkle on income tax identity theft

March 29, 2015 Posted by Steven Weisman, Esq.

Income tax identity theft is a 5.9 billion dollar problem that the IRS and Congress have still not responded to sufficiently.  Most income tax identity theft involves a criminal filing an income tax return with phony W-2 information using a victim’s Social Security number.  If undiscovered by the IRS, as many of these phony returns are, the IRS sends the refund and the person whose Social Security number was stolen has his or her legitimate income tax return flagged when it comes in as a second income tax return using the same Social Security number.  It often takes many months before the victim is able to get his or her true refund.

But now, a new twist has come to income tax identity theft.  Where most income tax identity theft, as described above relies on the identity thief filing an income tax return before the victim files his or her legitimate tax return, now we are seeing a number of people who file their income tax returns electronically using TurboTax having their refunds stolen after the victim has electronically filed their legitimate income tax return.

People who have been victimized by this new type of income tax identity theft all filed electronically and had their electronic filing fees deducted from their refunds.  Generally the refunds are deposited with Tax Products Group a bank owned by the Green Dot Corporation where the fees are taken out and the balance sent to a bank account designated by the tax filer.  What has been happening is hackers are hacking into the accounts of their victims and changing the bank account into which the refund is to be deposited.  It is not clear yet if the breach of security is with TurboTax, Tax Products Group or the individual taxpayers although it would appear from the relatively small numbers of people so far affected by this scam that the security breach is with the individual taxpayers whose own computers were most likely hacked.


Filing income tax returns online through TurboTax and other similar companies is still a safe way to file your taxes.  In response to this problem, TurboTax has already made security changes including requiring users of TurboTax to answer security questions before they are able to access their accounts or refunds.  TurboTax is also considering flagging customers who attempt to change their bank account information.  These are good steps to help stop this type of identity theft, but we have to do our part as well.  Protecting the computers and other electronic devices you use for financial transactions with regularly updated security software and avoiding clicking on links and downloading attachments unless you are absolutely sure that the links or attachments are legitimate are important steps that everyone should take.

Scam of the day – March 25, 2015 – Prisoners become victims of identity theft

March 24, 2015 Posted by Steven Weisman, Esq.

In a somewhat surprising and ironic development, IRS officials have found that prisoners are becoming victims of identity theft in increasing numbers.  Phony income tax returns using the Social Security numbers of prisoners, according to most recent data has dramatically increased in recent years to more than 137,000 per year at a cost of about 70 million dollars to the Treasury.  Federal prosecutors have begun to target this type of crime.  Last year an Alabama bail bondsman, two former Alabama prison employees, a Florida prison guard and a Georgia man were all convicted in separate federal prosecutions for  stealing the Social Security numbers of 1,200 prisoners and filing phony income tax returns claiming more than 6.5 million dollars in fraudulent refunds.  In an Alabama state court, a prison clerk at the Staton Correctional Facility with access to Social Security numbers of prisoners illegally filed phony tax returns using the Social Security numbers of inmates and managed to get $176,000 in fraudulent refunds before he was caught.  He is no longer a prison clerk.  He is now a prisoner doing a ten year sentence.


Of course, as I have been advocating for years now in regard to income tax identity theft, if Congress were to change the law so that when employers file W-2s with the Social Security Administration in February and March, they file copies with the IRS at the same time so that the IRS could match the actual W-2s with the phony ones used with fraudulent income tax returns before returning a refund, income tax identity theft could be all but eliminated.  Presently, employers are required to file W-2s with the Social Security Administration in February and March, but the Social Security Administration does not get around to sending them to the IRS until July, long after the IRS has sent out refunds based upon the W-2s filed with the fraudulent returns.

Until Congress finally acts, the best way to avoid income tax identity theft is to protect the privacy of your Social Security number as best you can and file your income tax return early before an identity thief can beat you to the punch.

Scam of the day – March 2, 2015 – IRS phishing email

March 2, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes, as many others do, from my own email.  It is a phishing email currently being sent to people purporting to be from the IRS that attempts to lure people who receive the email into clicking on links in the emails in order to update their income tax information.  Unfortunately, when you click on the link one of two things will happen and both of them are bad.  In some instances, you will be prompted to provide personal information that will be used to make you a victim of identity theft.  In other instances, by clicking on the link, you will download keystroke logging malware that will steal information from your computer or other electronic device and use it to make you a victim of identity theft.


The first indication that this is a phishing email is that although it purports to have been sent by the IRS, the email address from which it was sent is not that of the IRS.  Most likely the email address indicated is that of an innocent person whose email has been hacked into and taken over by an identity thief and made a part of a network of zombie computers used to send out such phishing emails.  This network is called a botnet.  In addition, the email asks you to validate your electronic filing status, which the IRS will never ask you to do.  If you need to get an Electronic Filing PIN in order to file your tax return electronically with the IRS, you will need to go to where you will be prompted to provide information to verify your identity before receiving a PIN.  In regard to the Form 1098 T that this phishing email describes, that is a form that educational institutions file with the government in regard to reimbursements or refunds of qualified tuition and related expenses.  The IRS would not be providing that form to you.

The most important thing to remember is that the IRS will never initiate contact with you on any matter by an email or text message so whenever you get one that purports to be from the IRS, you should just delete it.  If you have the slightest thought that any such communication is legitimate, you should merely contact the IRS directly to inquire about it.

Scam of the day – February 22, 2015 – IRS warns tax preparers of phishing emails

February 22, 2015 Posted by Steven Weisman, Esq.

Income tax identity theft is a huge problem that costs the taxpayers more than 5 billion dollars a year.  Identity thieves armed with an unwary victim’s Social Security number files, generally electronically, a phony tax return on behalf of the victim with a fake W-2 that shows a substantial fraudulent refund due.  If the legitimate taxpayer files his or her income tax return after the identity thief, the real income tax return will be flagged and a long investigation will occur before the real taxpayer is able to receive his or her legitimate refund.

Now the IRS is issuing a warning to accountants and other tax preparers about a phishing scam where the tax preparer receives what appears to be an email from the IRS asking the tax preparer to update their IRS e-services portal information and Electronic Filing Identification Numbers (EFINs).  Links are provided in the email for entering the tax preparer’s username and password which is what the identity thief sending this phishing email is seeking.  Once the identity thief has this information, it is easier for him or her to file phony tax returns.  The IRS is advising anyone who receives one of these emails to delete it after forwarding it to the IRS at


As I have warned you many times, you can avoid phishing emails regardless of how clever they may be or how legitimate they may appear if you make it a practice to never click on links in emails, download attachments or provide personal information until you have absolutely confirmed that the communication is legitimate.  In this case, it is easy to call the IRS to confirm that this is a scam.  Even if the email or text message appears to have come from a trusted source, your trusted source may have had his or her email account or smartphone hacked so it is always necessary to confirm that any communication you receive is legitimate before clicking on links, downloading attachments or providing personal information.  Clicking on tainted links or downloading tainted attachments can result in keystroke logging malware being installed on your computer or other electronic device that will steal personal information from your computer or other electronic device and use it to make you a victim of identity theft.  Remember my motto, “trust me, you can’t trust anyone.”