It Is Tax (and Fraud) Time Again. Are You Ready?

Over 150 million households file federal and state tax returns each year. With literally trillions of dollars flowing through the tax ecosystem, this time of year is extremely lucrative for cybercriminals. There are stiff penalties for filing a fraudulent return, to include fines up to $250,000 for an individual, $500,000 for a corporation, and up to three years in jail. If caught, the defrauder can also be required to compensate the government for the cost of prosecution of the tax fraud case. Regardless of potential repercussions, the numbers of fraudulently filed tax returns continues to rapidly increase. 

According to the Internal Revenue Service, tax-refund fraud has more than tripled in the past tax two years. In 2016 the government agency saw the number hit $21 billion, which is up from $6.5 billion for fraudulent returns filed in 2014. In an effort to slow this trend, the IRS is using a delay tactic. It provides time for the real tax filing to hit the system, halting of a potentially fraudulent filing payment, and time for dispute management. If the same individual files two returns, one is guaranteed to be false. Unfortunately there is an adverse effect on those with low-income. These delays negatively impact families claiming the earned income tax credit and additional child tax credits, which are designed to benefit the working poor.

One of the main reasons for the rapid growth in tax refund fraud is that it takes little effort to file a false return. A valid name, date of birth, and Social Security number are all one needs to file a return. Given the unprecedented number of data thefts last year, it is obvious this information is readily available. A quick trip to the Dark Web can provide criminals with the ability to purchase millions of files with this data.

Each year, the IRS issues their ’Dirty Dozen,’ which is a list of the most common tax scams. While many of these include such things as claiming donations to fake charities, falsifying income, or claiming excessive business credits, a number of them identify fraud scams for tax payer awareness. Below are two of the more interesting ones we wanted to highlight.

Tax Return Preparer Fraud

The IRS warned taxpayers to be on the lookout for unscrupulous tax return preparers. While most tax preparers are trustworthy professionals, every year a number of unscrupulous individuals set up fake accounting businesses in order to steal your identity, file false claims, charge high fees, and cash tax return checks. Here are few things to look out for:

• Ask for the preparer’s Preparer Tax Identification Number (TIN).  This is typically a nine-digit number with a dash between the second and third numbers. Registered business will usually have the original TIN document that was issued by the federal government.
• Check with the Better Business Bureau, read online reviews, and ask around locally. Accounting businesses that have no history or recently come into existence are highly suspect.
• Ask about fees. Don’t work with someone who takes a percentage of your return or claims to get you a very large return in comparison to other preparers.
• E-file your return so you have a verifiable, electronic record of what was filed. Preparers with more than ten clients are generally required to e-file returns.
• Never sign a blank tax form. This is the equivalent of signing a blank check.
• Carefully review your return before signing. Do some quick math in your head, such as estimating payable taxes. They should run in the 25% to 35% range of your net income (after all deductions have been applied).

Identity Theft

The IRS also issued a new alert warning taxpayers and tax professionals to watch for identity theft. In spite of the best efforts of many individuals, determined cybercriminals have managed to steal hundreds of millions of identities. Unfortunately, it is impossible to know if you have been the victim of a fraudulent filing until a return is rejected. When the IRS receives two different returns with the same Social Security number, the second return e-filed is usually rejected. If you file by mail, you’ll receive a written notice that explains that a return has already been filed.

What to Do

If either of these happen, here are two course of action:

• Submit IRS Form 14039

If you learn that another tax return has been filed with your Social Security number, use IRS Form 14039 to alert the IRS. This form lets you report that someone has stolen your identity and filed a return using your information. You’ll provide information about the current tax year and the last return you filed prior to the identity theft. Once completed, mail the form to the IRS with a copy of your Social Security card and driver’s license. If you don’t have a driver’s license, you can us a U.S. Passport, military ID, or other government-issued identification card.

• IRS request for identity verification

When the IRS stops a suspicious tax return filing, they usually send Letter 5071C, which basically requests that you verify your identity.

NOTE: The IRS only sends such notices by mail. The IRS will never request that you verify your identity by contacting you by phone or email. If you are contacted by phone or email, it is likely a scam.

You will be able to verify your identity either through a phone number provided on the Letter 5071C or through the IRS's Identity Verification Service, which is located at https://idverify.irs.gov. The easier of the two methods is the online service, which asks multiple-choice questions to verify whether you or someone else filed the tax return that was flagged for identity verification.

If you decide to call the IRS at the phone number included in the letter, you will need to confirm your identity. Be prepared to provide:

• Your name, date of birth, and contact information.
• Social security number (SSN) or Individual Taxpayer Identification Number (ITIN).
• Your prior year tax return with all supporting documents and schedules.

Other Tax Scams

Apart from identity theft or fake tax preparers, there are other tax-related scams. A wide variety of tricks and methods are used by individuals to pry money away from you by claiming to be an IRS representative.

Phone Scams

Phone scams are a big problem identified by the IRS. There has been a rise in aggressive and threatening phone calls by criminals impersonating IRS agents. These scammers make unsolicited calls claiming to be IRS officials, warning of lawsuits that are being prepared or liens that will be filed. In some cases they even threaten to file an arrest warrant, initiate deportation, or revoke the victim’s driver’s license. They then con the victim into sending cash, usually through a wire transfer or a prepaid debit card or gift card.

Scammers often alter their caller ID numbers to make it look like the IRS or another federal government agency is calling. They usually provide false IRS employee titles and agent numbers, then use the victim’s name, address and other personal information to make the call sound official.

Here is what you need to clearly understand. The IRS will never:

• Call to demand immediate payment using a specific payment method, such as a prepaid debit card, gift card, or wire transfer. The IRS will first mail a detailed payment request to taxpayers who owe money.
• Threaten to immediately bring in local police or other law-enforcement groups to have the taxpayer arrested for not paying.
• Demand that taxes be paid without giving the taxpayer the opportunity to question or appeal the amount owed.
• Ask for credit or debit card numbers over the phone.

Phishing

The Internal Revenue Service has also warned taxpayers to be wary of fake emails or websites pretending to be from the IRS or tax preparers. The IRS has seen a number of email schemes in recent weeks not only targeting tax payers, but also tax professionals (such as lawyers and accountants), payroll professionals, human resources personnel, and schools.

In these email schemes, criminals pose as a person or organization the taxpayer trusts or recognizes. Criminals go to great lengths to create websites that appear legitimate, but which contain phony login pages to trick victims into providing money, passwords, Social Security numbers, and other information.

The IRS simply does not communicate with taxpayers via email. The IRS will only contact tax payers through physical mail. While many email messages and Web sites can look official, individuals should be extremely cautious about opening unexpected emails or clicking on Web links claiming to be from the IRS. Common phishing tactics include notices about big refunds, overdue tax bills, or requests for personal information.

It is important that you learn how to identify fake emails or Web sites looking to steal personal information. Here are some things to look for:

• Generic greeting. Phishers often send thousands of emails at one time. Be skeptical of any email sent that starts with ’Dear Customer,‘ or ’Dear Taxpayer.’
• Incorrect ‘From’ address. Look for a sender's email address that is similar to, but not the same as, a company's official email address. Official email from the IRS always comes from an @irs.gov email address. You can usually move your mouse pointer over the sender’s email address and the real one will pop up so you can compare the two.
• Urgent action required. Fraudsters often include urgent calls to action to try to get you to react immediately. Remember that the IRS will never send an email threatening lawsuits, liens, arrest, or other actions. They will also never demand that you react immediately or provide confidential information. Instead, the IRS communicates via traditional mail, and has a clearly defined process for filing and managing tax disputes.
• Link to a fake IRS website. To trick you into disclosing your user name and password, cybercriminals often include a link to a fake website that often looks exactly like the sign-in page of the legitimate IRS or tax preparer’s website. Before clicking on the link put your mouse cursor over it to view the real site address, which is typically provided in the lower left corner of your browser. It will probably be extremely complex and not point to a .gov site, indicating that it is not a legitimate government web page. Do not click on the link. If you end up on a potentially fake site look for misspelled words and poor language within the site content.
• Poor spelling and grammar in the email. You would think that this would be an easy problem for cybercriminals to fix, but a remarkable percentage of phishing emails and websites are riddled with misspelled words, bad punctuation, and improper grammar.

Conclusion

If you find that you have been the victim of tax return fraud, it is not the end of the world. The IRS has assigned thousands of IRS employees to work on identity theft issues, including prevention, investigating identity theft-related crimes, and helping taxpayers who have become victims of identity theft. If you find that you cannot e-file your return due to a potential identity fraud issue, go ahead and submit it via mail by the tax deadline, and contact the IRS.

If you decide to call them, please be advised that all of their agents are more than likely busy. Your call will be very important to them, so please stay on the line and your call will be answered in the order it was received. Take a deep breath. It may take some time, but if you have been the victim of identity theft and fraud there are government resources available to help you through the situation.