Certified Identity Theft Risk Management Specialist and Personal Finance Expert Heather Wagenhals continues to warn listeners of the latest frauds and scams striking all targets. The most recent scam occurring with the Internal Revenue Service (IRS) affected more than 100,000 taxpayers this year. According to the IRS Commissioner John Koskinen, crooks used the IRS website to obtain taxpayer data needed to complete the phony requests.
Krebs on Security – Sign Up at IRS.gov Before Crooks Do It For You — track the nightmarish story of Michael Kasper, one of millions of Americans victimized by tax refund fraud each year. When Kasper tried to get a transcript of the fraudulent return using the “Get Transcript” function on IRS.gov, he learned that someone had already registered through the IRS’s site using his Social Security number and an unknown email address.
Koskinen was quoted today in an Associated Press story saying the IRS was alerted to the thieves when technicians noticed an increase in the number of taxpayers seeking transcripts. The story noted that the IRS said they targeted the system from February to mid-May, and that the service has been temporarily shut down. Prior to that shutdown, the IRS estimates that thieves used the data to steal up to $50 million in fraudulent refunds.
“In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles,” the IRS said in a statement. “During this filing season, taxpayers successfully and safely downloaded a total of approximately 23 million transcripts.”
The Government Accountability Office (GAO) estimates that thieves steal nearly $6 billion from state and federal coffers last year via tax refund fraud. This year, fraudsters changed their tactics, leading to a huge spike in attempted fraudulent refund requests —particularly at the state level.
Earlier this week, I had an opportunity to interview John Valentine, chair of the Utah State Tax Commission. Valentine said this year his state saw a tenfold increase in suspicious tax refund filings, and that most of that increase was the result of a type of tax fraud the state had never seen before.
“This was unique, where someone clearly had the information from the prior year’s tax return,” Valentine said. “That different significantly from the way the return comes across if it’s just ID theft. If you have the prior year’s return, you have the names of children, their Social Security numbers and other data you don’t often times get with ID theft.”
These suspicious returns all had the filing status exactly the same [as the year prior], the number of exemptions exactly the same….you even got spelling errors on addresses and names, so that the same errors that occurred in the 2013 return occurred in the fraudulent 2014 return,” Valentine explained. “That’s what told us we were dealing with a different kind of fraud, especially since the extent of the fraud was ten times the amount of fraud we’d seen in the past.”
Valentine said he believes most of that increase was due to lax authentication and security at third-party tax preparation firms (TurboTax, for example). Based on numerous stories about poor authentication and virtually nonexistent “know-your-customer” procedures at TurboTax, I’ve no doubt the nation’s leading tax preparation firm contributed considerably to the spike. But that same data that Valentine references also could be had by pulling taxpayer data from the IRS’s site, which until very recently offered the full previous year’s W2 information on taxpayers.
Now, we want to hear from you! Would like to share your opinion or make a comment on the Unlock Your Wealth Radio Show? If so, then please leave your comment or questions in the space provided below and share this article with your friends and family on Facebook and Twitter. Your comments or question could be chosen as our featured Money Question Monday and a phone call by financial expert Heather Wagenhals could dial your way to be live on the Unlock Your Wealth Radio Show.