This past year, tax professionals nationwide have seen an alarming increase in identity theft happening with their clients. At this time, there is no better information to determine how or why certain people have been targeted, but we have seen a trend most recently with the medical community. Please keep in mind, this is happening across the nation, and is certainly not isolated to Rapid City, or even South Dakota. In fact, in a few states, the FBI, the secret service and the IRS have teamed up to try and find some answers.
Here is how it is uncovered in most cases. Your tax professional prepared a tax return for you, and tried to e-file the return as required by the IRS. An e-file rejection notice is received that states a return has already been accepted using the Social Security Number on the return. This is the first clue that you may have been a victim of identity theft. This breach may be limited to the IRS and it likely has no correlation (yet) to your bank account or credit cards.
Next, you have to prove to the IRS who you are by completing a simple form to attach to a paper filed tax return. The form includes proof of your identity such as a copy of your driver’s license. This process can be long and cumbersome.
According to an article in the Wall Street Journal, the IRS has found nearly 580,000 returns claiming more than $3.6 billion in fraudulent refunds during the 2013 filing season. This number has been growing rapidly, and has become a increasing concern in our area of the country. No longer can this be put off as only happening in urban areas like Florida or California.
Your Social Security number (SSN) is the key to these fraudulent returns. The thieves have found your number, and are filing an early, fraudulent return, claiming false information to get quick refunds. As Paul Thorstenson, CEO and Partner of Ketel Thorstenson, LLP, was recently quoted, “My Social Security card, which was issued in 1961, says on it: ‘This shall not be used for identification purposes, now, it’s used for everything.'” It is key to protect your SSN, yet so many things require it as proof of identification.
In response, the refund process from the IRS is getting slower as well. The IRS has implemented 14 additional filters in their system attempting to monitor the identity theft issues better. They are also suspending deceased taxpayers SSN’s quickly, as this has been found to be an easy target area for identity thieves.
The IRS has set up some scam email alert websites at www.usa.gov and www.ftc.gov. If you receive an email you suspect to be a phishing email or scam, please send to email@example.com. I personally received an email just last week which stated my “refund” was increased. The email looked legitimate. The only problem is I have not filed a return yet.
So what should you be on the lookout for? Watch out for things like misspelled words, or if the email wants you to respond with “just a bit more information”. Do not disclose personal information in responses to emails. Remember, the IRS does NOT initiate contact with you via email; it will be via the mail.
There are three types of letters or notices the IRS is currently sending out in relation to getting more information before completing the processing of your return. If you would like assistance, we can help you respond and complete your filing with the IRS. The IRS is trying to verify that you have actually filed the return they are processing, and that you are not filing a fraudulent return.
If you have been a victim of identity theft, and have proved you are who you say you are to the IRS, they will issue you a six digit PIN number. Future filings of your return will require this PIN number, and you should protect this information like any other PIN or password. We can speculate that within a few years, everyone will be filing with assigned PIN numbers. If you need help, or suspect you have been a victim of identity theft, please contact your tax professional to help you though this process.
What happens now? Here are steps to help protect yourself:
- Change your passwords and pins regularly
- Make your passwords unique.
- Avoid using birthdays, kids’ names, pet names, social security numbers etc.
- Make passwords that are a mix of numbers and characters and that are least seven characters long.
- Avoid using the same password for all of your online activity.
- Memorize your passwords and do not write them down, or give them to someone.
- Be aware of “Phishing.” This is when legitimate websites are copied and used to create phony sites in order to obtain confidential information.
- Monitor your bank account and credit cards regularly.
- Never provide personal information on the phone or over the internet unless you have initiated the contact.
- Do not use your credit card or debit card information to pay for an online purchase unless you have initiated the purchase and it is done through a secure, encrypted system (look for the “https” in the internet address.)