Protecting Yourself Against Tax Identity Theft

By | March 7th, 2017|Identity Protection|

CSIDEvery year, tax season gives way to a fresh wave of identity theft-related crimes that affect millions of Americans. In 2015, the U.S. Federal Trade Commission tracked a whopping 47% increase in identity theft complaints. Tax refund fraud was a major contributor to this spike, with FTC Chairwoman Edith Ramirez naming tax refund fraud as the “largest and fastest growing ID theft category” tracked by the commission.

Tax-related identity theft crimes involve thieves using stolen Social Security numbers to file tax returns and cash in on refunds. Tax identity theft victims usually discover the crime when their returns are rejected because scammers have already filed. It’s important to note that even those who are not required to file a return can also fall victim to return fraud. Similarly, even if you’re not owed a refund from the IRS, you are also at risk for these crimes.

Although the IRS reported that their public-private partnership crackdown efforts have helped prevent millions of dollars in fraudulent reports in 2016, there are steps that individuals should take to help reduce the likelihood of tax identity theft:

  • File early: The best way to avoid falling victim to tax identity fraud is filing your state and federal taxes as soon as filing season begins. This usually falls on the second or third week in January.
  • Watch out for tax documents in the mail: Usually, employers and banks will send hard copies of tax documents in the mail, noting “tax documents enclosed” on the envelope. This is an easy target for identity thieves, but can be avoided by having your mail delivered to a mailbox that locks, a P.O. box, or by simply checking your mail frequently.
  • Safeguard your Social Security number: Any vulnerability to your SSN can result in fraudulent tax crime. Some best practices for protecting your SSN are shredding documents that include the number, only sharing on secure documents when required, and keeping your Social Security card in a safe place. If you believe your SSN is at risk, there are monitoring services available that will alert you if a fraudulent name or address has used it.
  • Beware of phishing scams: The IRS saw a 400% increase in phishing and malware incidents in the 2016 tax season. These scams, conducted via email or telephone, are disguised as official communications from the IRS, tax software companies, and other tax companies. The scammers ask for personally identifiable information like SSNs. The IRS does not initiate contact with taxpayers by email, text messages, or social media to request personal or financial information. If you encounter a phishing scam, report it to the IRS.
  • Request a free copy of your credit report annually: Consumers are legally entitled to a free copy of their credit report from each of the major bureaus every year, which include Experian, Equifax, and TransUnion. Proactively disputing unauthorized or suspicious activity is one way to get ahead of potential identity theft. The three national credit reporting companies created a central location for ordering credit reports, which you can do by visiting com or by calling 1-877-322-8228.
  • Data breaches and your taxes: If you’ve fallen victim to a data breach where your SSN was compromised, it’s likely that this information could be used to file a fraudulent tax return. The FTC recommends that data breach victims notify one of the three major credit bureaus to place a free fraud alert on credit files. Another recommended step is a credit freeze, which prevents access to credit records. In some cases, the IRS may contact breach victims to inform them of tax-related identity theft or if an e-file tax return was rejected as a duplicate. In these instances, submit IRS Form 14039 (see below), and continue to file your tax return.

Victims of tax-related identity theft should respond immediately to notices from the IRS that indicate fraudulent tax activity. You can contact the IRS Identity Protection Specialized Unit to report fraud at 1-800-908-4490. It’s also worth filing a police report or an IRS ID Theft Affidavit Form 14039, along with proof of your identity like your Social Security card. Record the dates you made calls and keep any copies of letters you sent, along with all tax documents and IRS notices.

Proactivity is key when combating any instance of identity theft. If you’ve experienced tax identity theft and want to share any lessons learned, join the conversation on Facebook, Twitter, and LinkedIn.

IRS Breach Shows What Happens to PII After it is Sold on the Black Market

By | May 29th, 2015|Breach, Uncategorized|

IRS BreachThe IRS experienced a breach that is changing the way businesses and consumers think about personal information. Reporters attribute the IRS breach to a crime syndicate in Russia, who used personal information obtained elsewhere to exploit the Get Transcript feature on the IRS website. They successfully exploited 104,000 individuals and filed nearly $50 million in fraudulent tax funds.

“This breach is not just about what this single group is going to do with the information, but what happens when this information gets sold on the black market,” said cybersecurity author Peter Warren Singer to The New York Times. “It’s rare for the actual attackers to turn the information directly into money. They’re stealing the data and selling it off to other people.”

As Singer points out, this breach demonstrates how cyber criminals can take stolen data and exploit an online system to pick the pockets of thousands of consumers. Major data breaches thus far have proven that cyber criminals have the know-how to exploit major retailers’ security systems; this breach proves these criminals have more sophisticated schemes in their back pocket to cash in on the information they’ve stolen without having to find a vulnerability in an organization’s security system.

This is costly to businesses as it highlights the limited control they have on security breaches. Maintaining a healthy, secure system helps businesses avoid data breaches, but cyber criminals are working around secure systems by taking advantage of customers’ personal information. Gizmodo reporter Kate Knibbs calls this a “domino effect.” The way it works is that cyber criminals hack into a business’ system and steal customer data. Using that customer data, which includes name, address, email credentials and Social Security number, cyber criminals can log in to another business to make purchases or otherwise financially exploit a business. The result? A business is hijacked without its security system ever being hacked into. Cyber criminals are finding these workarounds, making their schemes more sophisticated and harder to identify from the outside.

So what exactly can we do to mitigate the risk of these types of breaches? Businesses and consumers must develop better habits and methods to protect their identities online. Password reuse is one of the most damaging habits of consumers. In fact, six out of 10 admit to reusing passwords across multiple sites. Convenience typically wins over security when it comes to interacting online. Businesses must innovate convenient options for consumers to better protect their digital identities. In the meantime, monitoring customer and employee credentials is a business’ best bet for protecting their assets.

How does this breach affect the way businesses handle security? How can businesses and consumers prioritize security over convenience when it comes to protecting digital identities? Let us know what you think on Facebook, Twitter and LinkedIn.

5 Steps to Remedy Taxpayer Identity Theft

By | April 2nd, 2015|Uncategorized|

Cyber SecurityAs we approach the 2014 tax filing deadline, many taxpayers gearing up to file their taxes may find that someone else has already fraudulently filed for them – and have cashed in their refund check. During the 2013 tax filing period, $5.8 billion was paid in identity theft refund costs, according to the U.S. Accountability Office “Identity Theft and Tax Fraud” 2015 report.

While the IRS has developed new measures to protect against taxpayer identity theft, including adding new pre-fund filters and limiting the way people direct deposit refunds, there are still taxpayers who will find themselves a victim this season. Last year in the first six months alone, 1.6 million taxpayers were affected by identity theft. This year, folks who are affected will spend hours on the phone tracking down where their return was sent, spend additional money in fees to access accounts that have been locked out by cyber criminals, and may still end up with empty pockets.

Cybersecurity reporter Brian Krebs recently investigated a taxpayer identity theft case in which the taxpayer had his tax return request rejected because it had already been fraudulently filed and direct deposited into a bank account. The victim spent countless hours on the phone trying to access his IRS account, which had been claimed by a cyber criminal using an unknown email address. He spent $50 in fees to have the fraudulent tax return filed in his name sent to his home address and countless hours tracking down the financial institutions where the money was deposited and talking with different government departments to track down his tax return money.

Did the cyber criminals beat you to your own tax return this year? Was more than one tax return fraudulently filed in your name? Here are some ways you can remedy the problem:

  • Report the problem to the IRS. File an Identity Theft Affidavit with the IRS as soon as you can. This marks your account and lets the IRS know they should keep an eye out for questionable activity during tax season.
  • Place a complaint with the FTC. Sharing a complaint with the FTC helps the commission detect patterns of fraud and abuse.
  • Place a fraud alert on your credit records. This is completely free and you can begin the process by contacting a credit reporting company. The FTC has a helpful step-by-step process online to help you place a fraud alert.
  • Check your credit report and set up credit alerts. Find out if your financial accounts are being further abused by cyber criminals by setting up credit alerts with a major credit reporting bureau.
  • Understand that these cases take time. According to The Washington Post, a typical identity theft case with the IRS takes 120 days to resolve. Be patient, as it unfortunately takes a while to resolve identity theft cases.

There are many ways to help prevent tax identity theft from happening to you in the future. Next year, remember to file your taxes early. Get ahead of cyber criminals’ fraudulent activities by filing as early as possible. When you do file taxes, be sure to do so digitally, instead of via mail. Use credit monitoring to notify you of any unusual activity. Last but not least, be aware of phishing attempts during tax season time. There have been phishing scams in which emails are sent from the IRS asking taxpayers for personal information. Never send sensitive information via email to any organization and be sure to research the correct phone number of the IRS or any organization you need to call to ensure your conversations are secure.

You can find more tips on how to avoid taxpayer identity theft by checking out our blog post on the topic. Do you have any additional tips to abide by during tax filing season? Be sure to share with us on Facebook, Twitter and LinkedIn.

Evolution of Identity Management

By | February 6th, 2014|Uncategorized|

CS_Infographic_EvolutionOfID_LargeProtecting your identity isn’t as cut and dry as it was before the digital age. Before the internet, identity thieves would find personal data by hunting through the garbage for sensitive documents, phishing for private information via phone rather than email or purchasing personal data from unscrupulous store employees.

Now, with advances in technology, identity thieves have many more tricks and tactics to collect sensitive information, especially in the online world. The types of information that are valuable to identity thieves have also changed. Social Security numbers and credit cards still fetch a high price on the identity black market but email address and login information are also prized as they provide access to valuable online accounts such as Amazon or banking sites. Add this to the fact that social networking profiles have made it easier than ever for cyber criminals to collect personal information and it is easy to see that the need for identity management has become more important than ever.

Take a look at our identity management infographic to see what information cyber criminals are going after now and what security risks consumers and businesses should anticipate in the future. While identity management in this increasingly digital world can be daunting, there are many unique solutions both new and in the works that can help companies and consumers protect their sensitive information online and off.

You are welcome to share this infographic on your website and can access the embed code on In the meantime, please let us know how you plan on managing your identity by leaving a comment on our Facebook or tweeting at us on Twitter. Be sure to stay up-to-date on the latest security news on our Tumblr.

Tax Identity Theft: How to Avoid It and What to Do if You Are a Victim

By | January 23rd, 2014|Uncategorized|

Tax tips picOn January 31, the IRS will start processing income tax returns. This day also marks the beginning of one of the busiest times of year for identity thieves looking to cash in by filing false returns.

Tax identity theft is a growing issue. In 2010, almost 15 percent of all identity theft complaints to the FTC were related to tax returns. In 2012, this number increased to 43 percent. The growth continued in 2013.

Why this quick growth? Tax identity theft is a relatively easy crime to commit. All an identity thief needs to file a false return is a Social Security number and forged forms. However, the ways to combat tax identity theft are a little more complicated. Here are some tips to decrease your chances of becoming a victim:

  • File early: This is perhaps the most important and effective tip to avoid tax ID theft. The earlier you file your taxes, the earlier the IRS processes them and the smaller the window that leaves for identity thieves to file using your information. Once you file your return, an identity thief won’t be able to collect on your Social Security number.
  • Protect your Social Security number: This tip applies to all forms of identity theft, but is particularly relevant when tax time rolls around. Guard your Social Security number. Shred any documents that include the number. Don’t put it on forms or share it when it is not needed. Don’t carry your Social Security card in your wallet. If an identity thief doesn’t have your Social Security number, they can’t file for a tax refund on your behalf. There are services available that will monitor your Social Security number and send an alert if a fraudulent name or address becomes associated with it.
  • Keep an eye on your mail: Tax documents like your W2 are usually sent via mail in envelopes marked “tax documents enclosed,” making them easy marks for identity thieves. The typical W2 not only lists your earnings for the year but also your name, address and Social Security number. Consider investing in a mailbox that locks or a P.O. box. At the very least, check your mail frequently.

If you have been the victim of tax fraud there are a few things you need to do to ensure you get your return and reduce the risk of it happening again:

  • Contact the IRS ASAP. You can reach the IRS Identity Protection Specialized Unit at 800.908.4490, extension 245.
  • File the IRS Identity Theft Affidavit, Form 14039. This form will help prevent future occurrences of tax-related identity theft.
  • Contact the fraud departments of the three major credit bureaus. This will help prevent identity thieves from misusing your personal information for other things such as securing a loan or opening up a credit card.

Have you been a victim of tax-related identity fraud? What was your experience like? As always, let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Load More Posts