Tax Identity Theft Awareness Week

Date February 5, 2020
Categories
Article Authors
HBK CPAs & Consultants

The Federal Trade Commission (FTC) has announced that February 3 through February 7, 2020, is Tax Identity Theft Awareness Week. Awareness Week is part of the FTC’s initiative to provide resources to help taxpayers secure their tax identity and protect themselves from scams. More information on the FTC’s Tax Identity Theft Awareness Week can be found here.

Tax identify theft is a serious matter. Consider the following actions to protect yourself:

Limit the flow of your personal information
Personal information typically includes a person’s marital status, birthdate, social security number, mother’s maiden name, birthplace, etc. You can protect this information by shredding or otherwise destroying any personal or financial documents, keeping your social security card in a safe and secure location, and limiting the amount and type of information you post on social media. You should also ensure you have reputable security software installed and properly updated on your computers and other devices and that any wireless networks you have are secured with a password. Avoid entering usernames and passwords while using a shared internet connection or a public wireless network, as these connections are vulnerable.

Check your information on a regular basis
In addition to continuously checking credit card and bank statements to make sure there is no unauthorized use, monitor your credit report on a regular basis. Each of the three credit reporting agencies are required to provide you with a free report at least once a year. To obtain your free reports, visit www.annualcreditreport.com. It is also a good idea to review your work history with the Social Security Administration. This can also be done online by creating an account at www.socialsecurity.gov/myaccount.

Know what to do if your identity has been stolen
In the unfortunate event your identity is stolen, there are a number of steps you should take immediately to put a stop to the theft:
– Call the company or institution where you discovered the fraud occurred and notify them of the theft. Request that they close or freeze your accounts, and then change any login, password, or PIN information you may have.
– Place a fraud alert on your credit report by contacting one of the three credit reporting companies. The company will then notify the other two companies. Get a free copy of your credit report and review it for any accounts or transactions you don’t recognize.
– Contact the FTC online at www.identitytheft.gov to notify them that your identity was stolen. Their website will also walk you through these steps and help you create a recovery plan.

Once the theft has been reported and your accounts are secure, you will need to start mitigating the damage. Any fraudulent accounts that were opened should be closed, fraudulent charges should be removed from your accounts, and your credit report should be corrected. You should consider taking advantage of an identity theft monitoring agency, and placing an extended fraud alert or credit freeze on your account.

Take these additional steps if you are a victim of tax-related identity theft
If you learn your identity has been stolen by receiving an IRS notice with inaccurate information, or you are unable to file a return electronically because one has already been filed under your social security number, take the following immediately:
– Respond to any IRS notices right away by either calling the IRS at the number provided on the notice, or contacting your HBK tax advisor.
– If the notice instructs you to verify your identification, you should visit www.idverify.irs.gov and follow the steps provided. You will need to have the following information available:

  • Your prior year tax return
  • Your current year tax return, if filed
  • Any supporting documents, such as W-2s or 1099s

– If your e-filed return was rejected because of a duplicate filing, complete Form 14039, “Identity Theft Affidavit,” and mail or fax it to the IRS with proof of your identity.
– Continue to file your tax return and pay all taxes owed, even if you have to paper file.

The Identity Protection PIN Program
If you are a victim of tax-related identity theft and follow the above steps, the IRS will automatically issue you an Identity Protection (IP) PIN. The IP PIN is a 6-digit number that the IRS assigns to eligible taxpayers to help prevent the misuse of their social security number on fraudulent federal income tax returns.

The IRS will mail you a CP01A Notice with your IP PIN. If you have been issued an IP PIN you can obtain a lost IP PIN or opt into the program through the irs.gov website.

The IP PIN helps the IRS verify a taxpayer’s identity and accept their electronic or paper tax return. We will need this PIN in order to file your tax return.

Be Aware of Common Scams
It is important to stay vigilant and be aware of current scam attempts or warning signs that could indicate your identity is at risk. The IRS never initiates contact by phone or email to discuss a tax matter; their first contact is always by mail. Additionally, the IRS never requires payment with a prepaid debit card or a money transfer. Such solicitations are warning signs that you are not speaking with the IRS.

If you believe you have been contacted by a fraudulent person you can file a complaint with the Treasury Inspector General for Tax Administration at tigta.gov or 800-366-4484. You can also file a complaint and report the fraudulent call with the FTC at ftc.gov/complaint or 877-FTC-HELP.

As always, we’re here to help. Please contact us with your questions or concerns.

Speak to one of our professionals about your organizational needs

"*" indicates required fields



Ever Present: Tax Identity Theft Scams

Date July 23, 2018
Categories
Article Authors
HBK CPAs & Consultants

Although the IRS took successful steps to reduce tax-related identity theft in 2017, the agency warns taxpayers to stay alert about tax identity crime. Because, even though the traditional tax season is months away, for cyber criminals, busy season is year round. It’s important for taxpayers to stay informed. Here are some useful tips on how to avoid tax identity theft.

What is tax-related identity theft?

First, some basic information defining tax related cyber crimes. According to the IRS, tax-related identity theft generally occurs when a thief uses a stolen Social Security number (SSN) to file a tax return claiming a fraudulent refund. The victim is typically unaware until he or she attempts to file a tax return and finds that one has already been filed for that SSN. Alternatively, the taxpayer might discover the theft upon receipt of a letter from the IRS saying it has identified a suspicious return that uses the taxpayer’s SSN.

Scam artists have devised a variety of methods to obtain the information they need to file a tax return under another person’s SSN. During the past several years, the IRS, the Federal Trade Commission (FTC) and many state tax agencies have issued warnings as new methods come to the forefront.

How does tax-related identity theft occur?

Fraudulent returns are just one of many ways taxpayers are victimized. As the saying goes, “you’re only limited by your imagination”. Here are some typical scenarios:

Phone schemes. The IRS, within 10 days after April 18, 2018, highlighted a new phone scam perpetrated by these scam artists who program their computers to display the phone number of the local IRS Taxpayer Assistance Center (TAC) on the taxpayer’s Caller ID. If the taxpayer questions the legitimacy of the caller’s demand for a tax payment, the caller directs him or her to IRS.gov to verify the local TAC phone number.

You can guess what happens next. The caller states the need for a payment typically via a debit card, which allows them to directly access the victim’s bank account.

In another phone scheme, the criminals claim they’re calling from the IRS to verify tax return information. They tell taxpayers that the agency has received their returns and that they simply need to confirm a few details to process them. The taxpayers are prompted to provide personal information such as an SSN and/or bank or credit card numbers.

Digital schemes. Emails that appear to be from the IRS are part of phishing schemes intended to trick the recipients into revealing sensitive information that can be used to steal their identities. The emails may seek information related to refunds, filing status, transcript orders or PIN information.

The scammers have become creative on this approach, too. The emails might seem to come from an individual’s tax preparer and request information needed for an IRS filing. The information request could even come via a text message. Whether by text or email, the communication states that “you are to update your IRS e-file immediately” and includes a link to a fake website that mirrors the official IRS site. Once there, the individual is asked to provide information that gives the thieves all they need. Emails might also include links that cause the recipients to download malware that infects their computers and tracks their keystrokes or allows access to files stored on their computers which can lead to ransomware.

Do businesses need to worry?

Absolutely — businesses have also been targeted by criminals intent on victimizing their employees or the businesses themselves.

For several years now, criminals have employed different spoofing techniques known as business email compromise (BEC) or business email spoofing (BES). They disguise an email to an individual in a company’s human resources or payroll department so it seems to have come from an executive within the company. The email requests a list of all employees and their Forms W-2 — information that can be used to file returns in the employees’ names.

Scammers also are pursuing businesses’ Employer Identification Numbers (EINs). They then report false income and withholding and file for a refund in the companies’ names. Even worse for the companies, the IRS could go after them for payroll taxes reported as withheld but not remitted.

The IRS recently announced that it has seen a sharp increase in the number of fraudulent filings of certain business tax forms, including Schedule K-1 and those filed by corporations and partnerships. As a result, the IRS may ask businesses for additional information (such as the driver’s license numbers of owners) to help identify suspicious tax returns.

How does the IRS contact taxpayers?

The IRS has made it clear that it will not:

  • Threaten to bring in law enforcement to have someone arrested for nonpayment of taxes,
  • Revoke a driver’s license, business license or immigration status for nonpayment,
  • Demand a specific payment method, such as a prepaid debit card, gift card or wire transfer,
  • Request a debit or credit card number over the phone,
  • Demand the payment of taxes without the opportunity to question or appeal the amount owed (the IRS usually mails a bill when a taxpayer owes taxes),
  • Send unsolicited emails, texts or messages through social media channels suggesting taxpayers have refunds or need to update their accounts, or
  • Request any sensitive information online.

The IRS will call or visit a home or business in only very limited circumstances. It might do so, for example, if a taxpayer has a severely overdue tax bill, to secure an employment tax payment, or to tour a business as part of an audit or a criminal investigation. Yet, even in those special situations, the IRS generally will first send several notices by mail. What can victims and targets do?

If you know or suspect you’ve fallen prey to tax-related identity theft, you’ll need to file IRS Form 14039, “Identity Theft Affidavit.” The IRS and FTC recently announced a joint project that allows people to report such theft to the IRS online through the FTC’s IdentityTheft.gov website. Remember, though, that filing the affidavit doesn’t eliminate the need to pay your taxes.

In addition, the FTC advises victims of all types of identity theft to file a complaint on its website and contact one of the three major credit bureaus (TransUnion, Experian and Equifax) to place a fraud alert on their credit records. You also should contact your financial institutions and close any financial or credit accounts opened or tampered with by identity thieves. If you received, but didn’t fall for, a scam email, you should still report it. The IRS urges individuals who receive unsolicited emails purporting to come from the IRS to forward the messages to phishing@irs.gov before deleting.

Stay alert

Don’t make the mistake of letting your guard down because tax season has yet to begin. If you receive a suspicious communication allegedly from the IRS or other taxing authority, please contact us for confirmation of its validity and advice on how to proceed.

Speak to one of our professionals about your organizational needs

"*" indicates required fields