Be Prepared for Taxpayer ID Theft by Knowing the Warning Signs
Vice President and ID Theft Practice Leader
Unfortunately, taxpayer identity theft and refund fraud happens when identity criminals steal the Personally Identifiable Information (PII) of taxpayers and file fraudulent refunds in their names. When the real taxpayers file, their refunds aren't paid until the IRS resolves their individual case.
Two common examples of Taxpayer Identity Theft include:
- Refund Fraud – occurs when an identity thief uses an innocent taxpayer's name and Social Security Number (SSN) to file for a tax refund. Not until the actual taxpayer files a return does it become apparent that both identity theft and fraud have been committed.
- Employment Fraud – occurs when an identity thief uses an innocent taxpayer's name and SSN to obtain employment. When the thief's employer reports income to the IRS, the taxpayer appears to have unreported income on his or her return, leading to enforcement action.
The IRS has prepared a Taxpayer Guide to Identity Theft (please see here: https://www.irs.gov/uac/taxpayer-guide-to-identity-theft) to help fight against tax-related identity theft.
This taxpayer guide will help you understand what is taxpayer identify theft and the warning signs. It will also help you with steps to take if you become a victim including:
- Filing a complaint with the FTC at: identitytheft.gov.
Contact one of the three major credit bureaus to place a 'fraud alert' on your credit records:
- Equifax, www.Equifax.com, 1-800-766-0008
- Experian, www.Experian.com, 1-888-397-3742
- TransUnion, www.TransUnion.com, 1-800-680-7289
Contact your financial institutions, and close any financial or credit accounts opened without your permission or tampered with by identity thieves.
According to the IRS, you can reduce your risk of taxpayer identity theft by following these basic suggestions:
- Always use security software with firewall and anti-virus protections. Use strong passwords.
- Learn to recognize and avoid phishing emails, threatening calls and texts from thieves posing as legitimate organizations such as your bank, credit card companies and even the IRS.
- Do not click on links or download attachments from unknown or suspicious emails.
- Protect your personal data. Don't routinely carry your Social Security card, and make sure your tax records are secure.
Finally according to the General Accountability Office (GAO), the "IRS estimates that in 2014, it prevented or recovered $22.5 billion in attempted IDT refund fraud, but paid $3.1 billion in fraudulent IDT refunds. Because of the difficulties in knowing the amount of undetected fraud, the actual amount could differ from these point estimates."
If you believe you are a victim of Taxpayer Identity Theft, you can contact the IRS at 1-800-908-4490 and complete the IRS Identity Theft Affidavit, Form 14039.
If you receive a suspicious email or believe you have received an online phishing scam you can call 1-800-366-4484 or report it to the IRS at: firstname.lastname@example.org.
It is also very important to remember that the IRS does not initiate contact with taxpayers by email to request personal or financial information!
To learn more about these threats and how to protect yourself and your family from Identity Theft, you can read my past newsletters at the Merchants Identity Theft Educational Website at www.idtheftedu.com.
SCAM ALERT: QuickBooks phishing con targets small businesses
January 9, 2017
Don't Click on Phony QuickBooks Email
This clever new phishing scam is fooling small businesses. The message looks like an email alert from accounting software QuickBooks, but it's really a phishing con.
How the Scam Works:
You receive an email with the subject line "QuickBooks Support: Change Request." The message is "confirming" that you changed your business name with Intuit, QuickBook's manufacturer. However, you never made such a request. It must be a mistake, but fortunately the email contains a link to cancel.
Pause before you click! Scammers know that you didn't make this request, and the link to cancel is simply bait. It downloads malware to your device, which scammers use to capture passwords or hunt for sensitive information on your machine. This can open you up to identity theft.
How to Spot a Phishing Scam:
Always be wary of expected emails that contain links of attachments. Here are some other ways to spot phishing messages.
- Check the reply email address. One easy way to spot an email scam is to look at the reply email. The address should be on a company domain, such as email@example.com.
- Check the destination of links: Hover over links to see where they lead. Be sure the link points to the correct domain (www.companyname.com) not a variation, such as companyname.othersite.com or almostcompanyname.com. Scammers can get creative, so look closely.
- Consider how the organization normally contacts you. If an organization normally reaches you by mail, be suspicious if you suddenly start receiving emails or text messages without ever opting in to the new communications.
- Be cautious of generic emails. Scammers try to cast a wide net by including little or no specific information in their fake emails. Be especially wary of messages you have not subscribed to or companies you have never done business with in the past.
- Don't believe what you see. Just because an email looks real, doesn't mean it is. Scammers can fake anything from a company logo to the "Sent" email address.
For More Information:
Learn more about phishing scams and how to protect yourself on the FTC website: consumer.ftc.gov/articles/0003-phishing
Courtesy of the Better Business Bureau - for more information visit http://www.bbb.org/phoenix/news-events/
If you believe your identity has been stolen, call 866.SMART68 today.