Posts Tagged: ‘income tax identity theft’

Scam of the day – April 26, 2015 – Intuit sued regarding income tax identity theft

April 26, 2015 Posted by Steven Weisman, Esq.

A lawsuit has been filed in the Federal District Court for the Northern District of California by Christine Diaz and Michelle Fugatt against Intuit, the maker of TurboTax, the popular tax preparation software used by so many people to file both state and federal income tax returns.  Christine Diaz had not used TurboTax since 2011, however someone had managed to access her online TurboTax account to file state income tax returns in Michigan, Missouri, Ohio and Oklahoma as well as a federal income tax return using her Social Security number and name.  Interestingly, the other plaintiff, Michelle Fugatt, had never used TurboTax, but someone managed to set up an account in her name and file an income tax return using her name and Social Security number through TurboTax.

The lawsuit, which will most likely seek class action status to represent many more victims of income tax identity theft tied to TurboTax, alleges that TurboTax has negligently poor security which caused the plaintiffs to become victims of income tax identity theft.  TurboTax has indicated that about 60% of the fraudulent income tax returns filed using TurboTax software used personal information including Social Security numbers stolen from places other than TurboTax to set up TurboTax accounts to file phony income tax returns.  The remaining 40% of fraudulent income tax returns using TurboTax, the company says, can be traced back to identity thieves who have been able to hack into the accounts of TurboTax customers and gain access to personal information including past tax returns and then use that information to file phony tax returns.

Presently the FBI is investigating the tie between income tax identity theft and TurboTax.


Electronic filing has been a boon to legitimate taxpayers looking for a convenient way to file their income tax returns and more quickly get their refunds.  However, it has also been a boon to identity thieves.  In 2010 there were 500,000 fraudulent income tax returns filed electronically with the IRS, however, this number rose to close to 2 million in just three years and it shows no signs of slowing down.  Fraudulent income tax returns largely filed electronically cost the IRS and, in turn, the American taxpayers 5.8 billion dollars in fraudulent refunds paid by the IRS to income tax identity thieves.

TurboTax has recently added new security provisions including a requirement that TurboTax customers provide a code that TurboTax sends to their smartphone or email address in order to access their accounts from a computer other than their home computer

However, much of the security problem is caused by TurboTax users themselves.  Too many people use the same user name and password for all of their accounts so if this information is stolen by hackers from another account of the victim, it can be used to access their TurboTax account.  In addition, many taxpayers become victims because they are too careless in protecting the privacy of their Social Security number either on their computer or in paper documents.

Finally, a particularly safe way to use TurboTax, so long as your computer is protected by good anti-malware and anti-virus software is to use the desktop version of TurboTax rather than the online version so that TurboTax never has a record of your information.

Scam of the day – April 15, 2015 – TIGTA report on income tax identity theft

April 14, 2015 Posted by Steven Weisman, Esq.

The April 15th deadline for the filing of federal income taxes has come and gone, but if you have become a victim of income tax identity theft this tax season, your problems have only just begun. Income tax identity theft occurs when an identity thief files an income tax return using the name and Social Security number of a legitimate taxpayer and claims a refund based generally on a counterfeit W-2.  If you discover that you are a victim of income tax identity theft this year, your problems have just started. According to a recently released report by the Treasury Inspector General for Tax Administration (TIGTA), although the IRS has made some progress in assisting the innocent victims of income tax identity theft in getting their legitimate refunds, it still takes, on average, 278 days to resolve the claim of a victim of income tax identity theft although the IRS routinely tells taxpayers that they can expect their claims to be resolved within 180 days. According to the TIGTA report, the range of time it takes the IRS to resolve an income tax identity theft victim’s account and pay the legitimate refund ranged from a commendable low of 16 days to an inexcusable high of 762 days.


So what should you do if you are a new victim of income tax identity theft?    Filing a police report immediately is very important in order to document your claim.  Although this is the era of electronic communications, the next thing you should do is mail to the IRS a paper tax return with an attached Form 14039 Identity Theft Affidavit and the police report.  According to the IRS, this will shave an average of 54 days off the time it takes the IRS to process your claim.   Your case will then be assigned to an IRS employee to assist you with clearing your name and getting your refund. As a victim of identity theft, you also are eligible to receive an Identity Protection Personal Identification Number (IP PIN) to use for future income tax returns to protect you from becoming a victim again of income tax identity theft.  You also should put a credit freeze on your credit report because if someone is able to file an income tax return on your behalf, they have access to your Social Security number which they could also use to access your credit report and obtain credit in your name.  Putting a credit freeze on your credit report will thwart future attempts by an identity thief to access your credit.  You can find information about credit freezes and how to put one on your credit reports at Experian, Equifax and Transunion by going to the Archives section of Scamicide.

Scam of the day – April 3, 2015 – Yet another new income tax identity theft scam

April 3, 2015 Posted by Steven Weisman, Esq.

Earlier this week, Krebs on Security reported that one of its readers, Michael Kasper had become a victim of income tax identity theft in a new manner.  The IRS provides free electronic filing through its Free File Software for people with incomes of $60,000 or less and its Free File Fillable Forms for people with incomes of more than $60,000 and it is the Free File Fillable electronic filing program that was used by an identity thief to file an income return electronically and claim a $8,926 refund based on upon falsified W-2 information provided by the identity thief on the return.   Kasper became aware of the problem when he went to file his income tax return using Turbo Tax and was informed that an income tax return using his name and Social Security number had already been filed and the refund sent electronically to a bank from which Kasper later learned that substantial amounts of the refund had already been depleted from the account using a debit card.  Kasper has indicated great frustration with the manner in which the IRS has handled the investigation and further believes that the identity thief had accessed Kasper’s previous federal income tax returns using the IRS’  Get Transcript program by which taxpayers can obtain copies of previous income tax returns after providing verification of the taxpayer’s identity through answering questions, the answers to which are too often readily available online.


Income tax identity theft continues to be a huge problem costing taxpayers an estimated 5.9 billion dollars this year alone.  One thing that taxpayers can do to reduce their chances of becoming a victim of identity theft is to file their income tax returns as soon as possible in order to limit the opportunity for an identity thief to file one first in the taxpayer’s name.  Protecting your Social Security number and other personal information is also of paramount importance for taxpayers to protect themselves.  However, we are all only as safe as the places that hold our personal information with the weakest security.  Although Michael Kasper does not have evidence that his personal information was accessed from the IRS by the identity thief who victimized them, the IRS’ data security is not as strong as it should be and just last month was the subject of a General Accountability Office (GAO) investigation in which the GAO detailed numerous security failings of the IRS that need to be addressed.  Here is a link to the highlights of the GAO report.

Scam of the day – March 30, 2015 – A new wrinkle on income tax identity theft

March 29, 2015 Posted by Steven Weisman, Esq.

Income tax identity theft is a 5.9 billion dollar problem that the IRS and Congress have still not responded to sufficiently.  Most income tax identity theft involves a criminal filing an income tax return with phony W-2 information using a victim’s Social Security number.  If undiscovered by the IRS, as many of these phony returns are, the IRS sends the refund and the person whose Social Security number was stolen has his or her legitimate income tax return flagged when it comes in as a second income tax return using the same Social Security number.  It often takes many months before the victim is able to get his or her true refund.

But now, a new twist has come to income tax identity theft.  Where most income tax identity theft, as described above relies on the identity thief filing an income tax return before the victim files his or her legitimate tax return, now we are seeing a number of people who file their income tax returns electronically using TurboTax having their refunds stolen after the victim has electronically filed their legitimate income tax return.

People who have been victimized by this new type of income tax identity theft all filed electronically and had their electronic filing fees deducted from their refunds.  Generally the refunds are deposited with Tax Products Group a bank owned by the Green Dot Corporation where the fees are taken out and the balance sent to a bank account designated by the tax filer.  What has been happening is hackers are hacking into the accounts of their victims and changing the bank account into which the refund is to be deposited.  It is not clear yet if the breach of security is with TurboTax, Tax Products Group or the individual taxpayers although it would appear from the relatively small numbers of people so far affected by this scam that the security breach is with the individual taxpayers whose own computers were most likely hacked.


Filing income tax returns online through TurboTax and other similar companies is still a safe way to file your taxes.  In response to this problem, TurboTax has already made security changes including requiring users of TurboTax to answer security questions before they are able to access their accounts or refunds.  TurboTax is also considering flagging customers who attempt to change their bank account information.  These are good steps to help stop this type of identity theft, but we have to do our part as well.  Protecting the computers and other electronic devices you use for financial transactions with regularly updated security software and avoiding clicking on links and downloading attachments unless you are absolutely sure that the links or attachments are legitimate are important steps that everyone should take.

Scam of the day – March 25, 2015 – Prisoners become victims of identity theft

March 24, 2015 Posted by Steven Weisman, Esq.

In a somewhat surprising and ironic development, IRS officials have found that prisoners are becoming victims of identity theft in increasing numbers.  Phony income tax returns using the Social Security numbers of prisoners, according to most recent data has dramatically increased in recent years to more than 137,000 per year at a cost of about 70 million dollars to the Treasury.  Federal prosecutors have begun to target this type of crime.  Last year an Alabama bail bondsman, two former Alabama prison employees, a Florida prison guard and a Georgia man were all convicted in separate federal prosecutions for  stealing the Social Security numbers of 1,200 prisoners and filing phony income tax returns claiming more than 6.5 million dollars in fraudulent refunds.  In an Alabama state court, a prison clerk at the Staton Correctional Facility with access to Social Security numbers of prisoners illegally filed phony tax returns using the Social Security numbers of inmates and managed to get $176,000 in fraudulent refunds before he was caught.  He is no longer a prison clerk.  He is now a prisoner doing a ten year sentence.


Of course, as I have been advocating for years now in regard to income tax identity theft, if Congress were to change the law so that when employers file W-2s with the Social Security Administration in February and March, they file copies with the IRS at the same time so that the IRS could match the actual W-2s with the phony ones used with fraudulent income tax returns before returning a refund, income tax identity theft could be all but eliminated.  Presently, employers are required to file W-2s with the Social Security Administration in February and March, but the Social Security Administration does not get around to sending them to the IRS until July, long after the IRS has sent out refunds based upon the W-2s filed with the fraudulent returns.

Until Congress finally acts, the best way to avoid income tax identity theft is to protect the privacy of your Social Security number as best you can and file your income tax return early before an identity thief can beat you to the punch.

Scam of the day – March 2, 2015 – IRS phishing email

March 2, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes, as many others do, from my own email.  It is a phishing email currently being sent to people purporting to be from the IRS that attempts to lure people who receive the email into clicking on links in the emails in order to update their income tax information.  Unfortunately, when you click on the link one of two things will happen and both of them are bad.  In some instances, you will be prompted to provide personal information that will be used to make you a victim of identity theft.  In other instances, by clicking on the link, you will download keystroke logging malware that will steal information from your computer or other electronic device and use it to make you a victim of identity theft.


The first indication that this is a phishing email is that although it purports to have been sent by the IRS, the email address from which it was sent is not that of the IRS.  Most likely the email address indicated is that of an innocent person whose email has been hacked into and taken over by an identity thief and made a part of a network of zombie computers used to send out such phishing emails.  This network is called a botnet.  In addition, the email asks you to validate your electronic filing status, which the IRS will never ask you to do.  If you need to get an Electronic Filing PIN in order to file your tax return electronically with the IRS, you will need to go to where you will be prompted to provide information to verify your identity before receiving a PIN.  In regard to the Form 1098 T that this phishing email describes, that is a form that educational institutions file with the government in regard to reimbursements or refunds of qualified tuition and related expenses.  The IRS would not be providing that form to you.

The most important thing to remember is that the IRS will never initiate contact with you on any matter by an email or text message so whenever you get one that purports to be from the IRS, you should just delete it.  If you have the slightest thought that any such communication is legitimate, you should merely contact the IRS directly to inquire about it.

Scam of the day – February 22, 2015 – IRS warns tax preparers of phishing emails

February 22, 2015 Posted by Steven Weisman, Esq.

Income tax identity theft is a huge problem that costs the taxpayers more than 5 billion dollars a year.  Identity thieves armed with an unwary victim’s Social Security number files, generally electronically, a phony tax return on behalf of the victim with a fake W-2 that shows a substantial fraudulent refund due.  If the legitimate taxpayer files his or her income tax return after the identity thief, the real income tax return will be flagged and a long investigation will occur before the real taxpayer is able to receive his or her legitimate refund.

Now the IRS is issuing a warning to accountants and other tax preparers about a phishing scam where the tax preparer receives what appears to be an email from the IRS asking the tax preparer to update their IRS e-services portal information and Electronic Filing Identification Numbers (EFINs).  Links are provided in the email for entering the tax preparer’s username and password which is what the identity thief sending this phishing email is seeking.  Once the identity thief has this information, it is easier for him or her to file phony tax returns.  The IRS is advising anyone who receives one of these emails to delete it after forwarding it to the IRS at


As I have warned you many times, you can avoid phishing emails regardless of how clever they may be or how legitimate they may appear if you make it a practice to never click on links in emails, download attachments or provide personal information until you have absolutely confirmed that the communication is legitimate.  In this case, it is easy to call the IRS to confirm that this is a scam.  Even if the email or text message appears to have come from a trusted source, your trusted source may have had his or her email account or smartphone hacked so it is always necessary to confirm that any communication you receive is legitimate before clicking on links, downloading attachments or providing personal information.  Clicking on tainted links or downloading tainted attachments can result in keystroke logging malware being installed on your computer or other electronic device that will steal personal information from your computer or other electronic device and use it to make you a victim of identity theft.  Remember my motto, “trust me, you can’t trust anyone.”

Scam of the day – February 16, 2015 – Turbo Tax scam update

February 16, 2015 Posted by Steven Weisman, Esq.

As I reported to you previously, earlier this month following a rash of fraudulent state income tax filings using Turbo Tax software in nineteen states, Turbo Tax temporarily suspended electronic state income tax filings through Turbo Tax.  Although the matter is still under investigation, it does not appear that Turbo Tax was hacked.  More likely it is that identity thieves who already obtained the Social Security  numbers of their victims were using Turbo Tax’s convenient software to file fraudulent return in which they claim phony refunds.  On the federal level, this is a 5.2 billion dollar problem annually.  Now, enterprising identity thieves are sending out phishing emails that appear to be sent by Turbo Tax in which the email recipient is told that there is a problem with the person’s electronically filed income tax return and that they need to click on a link and provide personal information in order to rectify the problem.  This is a scam that is intended either to lure the victim into downloading keystroke logging malware that will steal personal information from the victim’s computer or other electronic device and use that information to make the person  a victim of identity theft or to lure the victim into providing the personal information directly to the identity thief posing as Turbo Tax.


Whenever you get an email or a text message either asking for personal information directly or instructing you to click on a link, you should not respond until you have absolutely confirmed that the email or text message is legitimate.  Making a counterfeit email look official is child’s play so even if the communication looks legitimate, you should not trust it.  The better course of action is to contact the company directly at a telephone number, email address or website that you know is legitimate to confirm whether the original communication was legitimate.  Scammers and identity thieves always take advantage of the latest public concerns to convince people to provide information used to make them victims of identity theft.

Scam of the day – February 10, 2015 – Turbo tax and income tax identity theft

February 10, 2015 Posted by Steven Weisman, Esq.

A few days ago, Intuit, the maker of Turbo Tax temporarily suspended the use of its state income tax filing software due to, what the company referred to as, “an increase in suspicious filings.”  After a couple of days, the company restored the usability of the state income tax filing software.  The issue came to a head recently when Minnesota’s Department of Revenue said it would no longer accept online tax filings using Turbo Tax because of problems with income tax identity theft.  The problem, however, is not with Turbo Tax, but rather with the entire system for filing state and federal income taxes online.  Once they have stolen someone’s Social Security number, identity thieves are finding it quite easy to file a phony income tax return using the Social Security number of the person whose identity they have stolen along with phony W-2 figures claiming a substantial refund.  Since neither the states nor the IRS compare the W-2 figures contained in tax returns with those filed by employers before sending out a refund, income tax identity theft is a low risk, high reward criminal enterprise which cost taxpayers more than 5.2 billion dollars last year in phony federal refunds.


The key to protecting yourself from income tax identity theft is two-fold.  First, protect the privacy of your Social Security number as much as possible and second, file as early as possible in order to beat an identity thief to the punch.

Scam of the day – February 9, 2015 – Break-in at Liberty Tax preparers

February 8, 2015 Posted by Steven Weisman, Esq.

Earlier this week burglars broke into the office of Liberty Tax in Highland, California and stole paper customer files as well as computers used in the office.  Liberty Tax is a nationally franchised tax preparation organization.  According to the San Bernadino County Sheriff’s Department, the thieves obtained the names, addresses and Social Security numbers of “a large number of clients” as well as credit card information of some clients.  Obviously this puts the affected customers in great danger of identity theft.


Affected Liberty Tax customers should immediately put a credit freeze on their credit reports at each of the three major credit reporting bureaus if they do not already have credit freezes in place.  You can find information about how to put credit freezes on your credit reports by going to the archives of Scamicide.  Accountants and tax preparers will, by the nature of their business have much sensitive personal information of their clients, which means that it is incumbent upon all of us who use accountants or tax preparers to inquire about what they do to protect the security of physical documents and computerized data.  All sensitive electronic data should be encrypted.  In addition, many identity thieves pose as tax preparers in order to gain access to personal information of their victims for purposes of identity theft.  Before you choose a tax preparer you should investigate him or her thoroughly.  Make sure they are registered with the IRS and look into whether they have had any charges or disciplinary actions taken against them.