We are in the midst of tax season. And, while we are busy collecting our w2s, 1099s and 1095s, identity thieves are equally busy scheming their next attack.
Tax-related identity theft is when someone uses your Social Security number to file a tax return and fraudulently claim your refund. Tax refund fraud affects hundreds of thousands of U.S. citizens each year. In fact, the IRS estimated that during the first nine months of 2016, the agency was able to stop 787,000 fraudulent returns totaling more than $4 billion. Unfortunately, the IRS still paid out $239 million in “suspect” refunds, which means thieves have a lucrative incentive.
Not to mention, after the Equifax breach in 2017, the IRS worries leaked social security numbers will increase the number of tax-related identity theft significantly for this coming tax season. Additionally, early reports show that identity thieves who specialize in tax refund fraud have been hacking online accounts at multiple tax preparation firms to uncover sensitive information.
Tax-related cybercrime is currently listed as one of the IRS’ “dirty dozen” scams to look out for.
It’s imperative to stay ahead of the curve. Learn about common tax season fraud schemes, what red flags indicate you may be a victim, and what you can do to stay protected.
What are the red flags?
The worst part of tax-related identity theft is that most victims don’t even know they’ve been preyed upon until their tax return gets rejected because scammers beat them to filing it.
If you start to receive payments or information about your refund before you’ve filed, it’s a strong indicator that you may be a victim of tax-related identity theft. According to the IRS, other telltale signs to look for include:
- More than one tax return was filed using your SSN.
- You owe additional tax, refund offset or have had collection actions taken against you for a year you did not file a tax return.
- IRS records indicate you received wages or other income from an employer for whom you did not work.
Additionally, it’s common for criminals to pretend to be debt collection agency officials acting on behalf of the IRS. Criminals will place harassing phone calls urging you to pay your debts.
What can you do if you’ve fallen victim to identity theft?
If any of the aforementioned red flags have happened to you, take action quickly. The Federal Trade Commission (FTC) recommends these steps if you’ve been breached:
- File a complaint with the FTC at identitytheft.gov.
- Contact one of the three major credit bureaus to place a ‘fraud alert’ on your credit records. The three credit bureaus are:
- Stay on top of your credit history. Contact your financial institutions and close any financial or credit accounts opened without your permission or tampered with by identity thieves.
How can you protect yourself?
While the IRS recommends that you file early to ward off thieves from claiming your tax return first, this doesn’t solve everything. If your data has been compromised, thieves can still create a messy financial situation for you. Additional advice for ongoing cyber protection is the following:
- Always use security software with firewall and antivirus protection.
- Learn to recognize and avoid phishing emails. Do not click on links or download attachments from unknown or suspicious emails.
- If you receive threatening calls and texts do your due diligence. Is it a scammer posing as legitimate organizations such as your bank, credit card companies and even the IRS?
- Protect your personal data. Don’t routinely carry your Social Security card, and make sure your tax records are secure.
- Use strong passwords. Your passwords will always be your first line of defense. That makes it increasingly important to create strong and undetectable passwords. One way to do this is through EZPD.
EZPD is a platform that allows users to easily create strong, secure passwords up to 96 characters long. After you’ve entered your password, you can delete all traces of EZPD and your password from your computer for optimum security.
When you need access to your locked accounts, EZPD allows you to easily regenerate the same password when you need it. This increased password strength makes it practically impossible for a hacker to steal your passwords and access your accounts fraudulently.