|You read about it in the newspaper, see it reported on TV, and internet reports and stories are countless. Tax return identity theft is serious and a growing problem that requires both protective measure and the tools needed to address this if it happens to you.
Tax return identity theft happens when someone uses your personal information such as your name and Social Security Number without permission to fraudulently obtain refunds.
Thieves normally file early in the tax-filing season, often before the IRS has received Forms W-2 or 1099, to thwart information matching and avoid receiving duplicate return notices from the IRS. Taxpayers sometimes discover they are victims of identity theft when they e-file or receive a notice from the IRS stating that “more than one tax return was filed with their information or that IRS records show wages from an employer the taxpayer has not worked for in the past”.
In 2011, the IRS processed about 145 million returns. About 109 million were claims for refunds, with an average refund amount of almost $3,000. As of May 16, 2012, the IRS had pulled 2.6 million returns for possible identity theft, and that trend is on the increase. The IRS recently reported an inventory of more than 450,000 identity theft cases. For the 2011 filing season, the Treasury Inspector General for Tax Administration (TIGTA) estimated that identity-theft-related fraud accounted for approximately 1.5 million tax returns in excess of $5.2 billion.
Consequences of Identity Theft
Tax return identity theft delays legitimate taxpayer refunds because the return appears to be a duplicate return and may be a sign of other fraud or identity theft problems. IRS support to solve traditional and non-fraud problems may be delayed as well when IRS resources are diverted to combat identity theft.
Other tax-related identity theft can cause problems for the Tax return identity theft delays legitimate taxpayer refunds because the return appears to be a duplicate return and may be a sign of other fraud or identity theft problems. IRS support to solve traditional and non-fraud problems may be delayed as well when IRS resources are diverted to combat identity theft. Other tax-related identity theft can cause problems for the taxpayer as well. If an individual fraudulently used a taxpayer’s SSN to get a job, the taxpayer may have extra W-2 wages erroneously reported (and perhaps also extra taxes withheld), leading to a correspondence matching audit.
Further, until recently, the IRS would hold suspicious refunds while verifying the underlying W-2 information, for up to 11 weeks. With the increase in the number of cases and budget limitations, refunds may take longer.
A typical identity theft starts when thieves have (illegally) bought or stolen information from individuals, employers, hospitals, or nursing homes or have used the public list of deaths with SSNs issued by the Social Security Administration. With a number or list of numbers, they file false tax returns for refunds. For example, investigators found a single address that was used to file 2,137 tax returns for $3.3 million in refunds. Most thieves prefer to receive the refund using direct deposit or prepaid debit cards. In another example, 590 tax refunds totaling more than $900,000 were deposited into a single bank account. Although banks have strict rules to verify the identity of account holders, they don’t have the ability to monitor whether the direct deposit is for a legitimate refund.
Although the IRS planned to spend about $330 million in 2012 to combat identity theft, the IRS has limited resources and needs additional funding to combat this problem. Identity theft also happens to tax systems in other countries, but the extent of the problem is lessened in countries where the government can immediately (or in “real-time”) match income and withholding of the tax return.
How ID is Stolen
Common ways to obtain personal information include email or telephone phishing and Dumpster diving. Thieves are looking for “discarded tax returns, bank records, credit card receipts or other records containing personal and financial information. For example, some taxpayers receive email messages allegedly from the IRS advising them that they are under investigation or have a refund pending. To get the victim to respond, the email may threaten a dire consequence. Often, the recipient is asked to click on a link to access what appears to be—but is not—the legitimate IRS website.
The IRS does not send unsolicited, tax-account related emails to taxpayers and never asks for personal and financial information, including PINs and passwords, via email.
How Thieves are Caught
The IRS has several filters that address different issues. These filters are designed to distinguish legitimate returns from fraudulent ones and to prevent the recurrence of identity theft. If a tax return is caught by a filter, it is manually reviewed to validate the taxpayer’s identity. If the IRS identifies a suspicious return, it corresponds with the taxpayer to verify the correct information. Alternatively, if a second, unauthorized person is using the taxpayer’s SSN, the taxpayer may receive a correspondence audit notice informing the taxpayer that he or she failed to report income from another (erroneous) employer. When a taxpayer’s identity has been stolen, the legitimate taxpayer may be issued a confidential identity protection PIN (IP PIN) that identifies the taxpayer as the legitimate party using the SSN and other identifying information. The IRS issues these numbers to taxpayers who have reported that their identities have been stolen, verified their identities, and had an identity theft indicator applied to their accounts. Not all victims of identity theft will receive an IP PIN—the IRS says that taxpayers who submitted Form 14039, Identity Theft Affidavit, and proper documentation or taxpayers whom the IRS has itself identified as victims will receive them. During the 2012 filing season, the IRS issued 250,000 IP PINs, up from about 54,000 the year before. Once the IP PIN has been issued, it must be present and correct on the specific tax return for which it was issued. For the 2012 tax year, the six-digit IP PIN is inserted at the bottom of page 2 of Form 1040, to the right of the taxpayers’ signatures.
If two taxpayers are married filing jointly and each taxpayer receives an IP PIN, the couple should use the IP PIN of the SSN that appears first on the tax return. Tax preparation software is generally equipped to ask taxpayers if they received an IP PIN. If a taxpayer is filing a printed copy of the return, however, this number will not print, and should be handwritten in the space provided. A request for an extension or installment agreement using an IP PIN must be made on paper, but the tax return may still be filed electronically.
A new IP PIN is issued every subsequent year as long as the theft indicator remains on the legitimate taxpayer’s account. Returns with an IP PIN are processed more efficiently, in that they bypass the regular filtering system, and the IP PIN prevents fraudulent returns from being processed. The IRS began a pilot program in 2010 to mark the accounts of deceased taxpayers to prevent misuse by identity thieves.
The following are some simple methods to help protect yourself:
Adopted from an article written by Valerie Chambers, CPA, PhD and Rabih Zeidan, CPA, PhD for the February 2013 Journal of Accountancy.