Employment-Related Identity Theft and the IRS!

    Identity theft has so many ways to rear it’s ugly head and and it has, over the years, found its way into the employment sector.

    A shadowed person wearing a hooded sweatshirt.
    Do You Have an Employment Clone That You Don’t Know About?

    Having known people who have fallen victim to this type of debilitating scam I decided to look to see how that can affect a person’s taxes and what the IRS either has done or is doing to counter or at least make the victim aware.

    Well I found that the IRS does not currently notify taxpayers it identifies as victims of employment-related identity theft, nor has it established an effective process to ensure that it sends the required notice to the Social Security Administration (SSA) to alert the SSA of earnings not associated with a victim of employment-related identity theft.

    These are two significant findings in an audit report by the Treasury Inspector General for Tax Administration (TIGTA). Employment-related identity theft occurs when someone uses the identity of another person to gain employment. So, taxpayers may first realize that they are victims of this type of crime when they receive an IRS notice of a discrepancy in the income they reported on their tax return. The IRS’s Automated Underreporter (AUR) program identifies such discrepancies when it matches taxpayer income reported on third-party information returns (e.g., Form W-2, Wage and Income Statement) to amounts that taxpayers report on their individual income tax returns.

    The TIGTA conducted this audit to evaluate the IRS’s AUR processes to identify and assist victims of identity theft. During the period February 2011 to December 2015, the IRS identified almost 1.1 million taxpayers who were victims of employment-related identity theft. In April 2014, the IRS started a pilot initiative to begin notifying taxpayers that they may be a victim of employment-related identity theft. The TIGTA’s review of the pilot notification initiative found that the IRS did not sufficiently design the pilot to include a representative sample of employment-related identity theft victims. Furthermore, the TIGTA found that the IRS has not established an effective process to ensure that it sends the required notice to alert the SSA of earnings not associated with a victim of employment-related identity theft.

    If you would like to read the full report you can access it here => www.treasury.gov/tigta/auditreports/2016reports/201640065fr.pdf.

    Do you think that budget cutting of the IRS has made this agency laggard in being pro-active in this ongoing fight?

    If you ever receive a notice from the IRS (or even the State) don’t go it alone. Don’t wait….Time is of the Essence. Give Solid Tax Solutions a call at (845) 344-1040. We are available year-round.

    You can also find out more about us through our website: SolidTaxSolutions.com.


    Bruce – Your Host at The Tax Nook

    Our Firm’s Website: SolidTaxSolutions.com (or just click on the icon on right sidebar of this page).

    Other Social Media Outlets: Facebook.com/SolidTaxSolutions (or just click on the icon on right sidebar of this page).

    Twitter: Twitter.com/@SolidTax1040 (BTW, We Follow-Back).

    Categories: Identity Fraud


    In the time that it took most of you to read that headline, fraudsters will have stolen nearly $10,000 from victims of identity theft. According to a recent report from research firm Javelin Strategy & Research, identity thieves have stolen $112 billion over the past six years. That works out to an astounding $35,600 (according to Javelin Strategy & Research) stolen every minute.


    With those numbers, it’s no wonder that stories about identity theft are dominating the headlines. Yet, despite a heightened awareness about identity theft, consumers saw the number of identity fraud victims in the U.S. increase by 3% or 13.1 million consumers in 2015: that’s the second-highest level in six years.

    Even as federal agencies and law enforcement attempt to tackle the problem, identity thieves seem to be one step ahead. “Fraud is evolving at a frantic pace although the amount of fraud has been relatively flat over the past four years. This just shows that when the industry cracks down on one type of fraud, criminals quickly shift their attack vector and area of operation,” said Al Pascual, Director of Fraud & Security at Javelin.

    So, what is the latest trend? New account fraud. With existing account fraud taking a dip, largely due to increased monitoring, new account fraud has exploded, according to Pascual. Last year, new account fraud increased by 113% and now accounts for 20% of all fraud losses.

    Unlike existing account fraud, where thieves use account numbers to access your existing bank accounts and credit cards, new account fraud happens when thieves use your personally identifying information, like your Social Security Number (SSN), to open new credit card accounts or apply for mortgages or lines of credit.

    New account fraud is more expensive for consumers. According to Pascual, the average out-of-pocket cost to consumers to resolve existing account fraud is $30, compared to $250 for new account fraud. It’s also harder to detect than existing account fraud because you likely won’t get a call from a bank or credit card company when new charges appear because you may not even know about the new account for some time.

    Thieves love the potential delay in reporting: it helps them stay ahead of the game. They can steal and get out, in some cases, before the consumer is even aware that it happened. What else makes it appealing? The wealth of personal information now available. One area of focus: those high profile Social Security Number (SSN) breaches. The medical data breach at Anthem affected potentially 80 million Anthem customers, including accounts associated with Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and DeCare. Two breaches at the Office of Personnel Management affected nearly 26 million Americans. The attack on UCLA health systems resulted in the compromise of potentially 4.5 million patients and providers.

    And the beat goes on. Data hacks, security breaches, and outright theft mean that the Personally Identifiable Information (PII) for millions of taxpayers is potentially available to identity thieves. That information can be used immediately to defraud consumers – or it can be packaged and sold on the black market. PII is definitely a hot commodity.

    PII can not only be used to open new accounts, it can be used to access your tax data and potentially steal your tax refund. In 2015, Internal Revenue Service (IRS) reported that identity thieves illegally accessed tax information for hundreds of thousands of taxpayers using the “Get Transcript” tool on the IRS website. This year, the IRS advised that it was able to stop an attack on its Electronic Filing Personal Identity Numbers (e-filing PIN) application: unauthorized attempts made involving approximately 464,000 unique SSNs. In these cases, it has been suggested that the attacks were initiated using out-of-wallet information from a third-party tied to stolen SSNs. The results of those prior hacks tend to be most obvious at tax season when thieves are trying to reap the benefits of those stolen SSNs.

    So What Can You Do to Protect Yourself During Tax Season?

    1. Don’t make it easy for thieves to get your Social Security Number (SSN): Pascual says, as a first step, that you should jealously guard your SSN.
    2. Avoid phishing emails and scams: Phishing often comes in the form of an unsolicited email or a fake website that poses as a legitimate site (like those pretending to be IRS) in order to get you to disclose your personal or financial information. Don’t follow any links from these e-mails to any websites where you might be asked for your personal information. Verify that you’re on a legitimate site before sharing your data; if you must access a particular site, log out from any links that you’re not sure about and navigate directly to the site instead. And remember: the IRS will not initiate contact with you by email (or phone) to discuss your account.
    3. Take data breach notifications seriously: According to Javelin, 64% more Social Security Numbers were exposed this year and there was a 110% increase in data on medical records made available to fraudsters. If you receive a notice from your bank, or the IRS advising you that your data may be at risk, pay attention. If you are advised that your personal information may be at risk, find out what specific, if any, information is at risk. Following up with credit monitoring might also be appropriate (As a side note: By law, you’re entitled to one free copy of your credit report each year from each of the major credit bureaus Equifax, Experian, and TransUnion: that’s a total of three reports every year [you may be entitled to additional copies if you’re the victim of identity theft]. To claim your free copy, visit Annual CreditReport.com or call (877) 322-8228. Review your credit report like you do your credit card or banking statements: check to make sure that the transactions and credit requests are those that you’ve approved.).
    4. File early and plan ahead: If you’re concerned about the status of your refund, try beating the bad guys to the punch by filing early and planning ahead. The IRS and various states will be using new technology and screens this year to try to identify bogus returns: that could mean that your refund might take a little longer. If you’re counting on your check, file early to account for any glitches or delays. Additionally, some apps, like the “Get Transcript” tool have been affected by attacks on taxpayer data. This year, for example, taxpayers may request a copy of a transcript online but the results of the request will be mailed to the taxpayer which can take several weeks.
    5. Keep an eye on your bank and credit card statements. You don’t have to be obsessive but do check your accounts from time to time to make sure that the recorded transactions are actually yours. Investigate and immediately report any suspicious activity.
    6. Understand that public wi-fi access really does mean public: When you’re sitting in Starbucks or your local library (whether for business or pleasure), be careful. Why? Because your data may be vulnerable to interception. Don’t connect to an unknown wi-fi connection (make sure that it’s legitimate). If you have an alternative connection available like using cellular data, consider using that instead. If you must connect using public wi-fi, use a VPN (Virtual Private Network). And save the really sensitive data – like online banking – for later. It really is best to avoid websites that could expose your passwords or financial information to potential cyberthieves on public connections.
    7. Take care with private documents: With so much emphasis on internet security, it’s easy to forget to safeguard paper documents. Don’t be careless with credit card statements, bank receipts and copies of tax returns. File the copies you need and shred the ones that you don’t.
    8. Keep your mailing address current: We are an increasingly mobile society. It’s rare that you’ll retire in the home that you start out in. Chances are, you’ll switch addresses more than once. When you do move, make sure that you contact your financial institutions, credit reporting agencies and tax authorities so that your mail doesn’t end up in the wrong hands. To easily change your address with IRS file a Federal form 8822 – Change of Address (downloads as a pdf). Allow plenty of time for processing. You should also file a change of address with the US Postal Service; you can make the change online here.

    So, what do you think about the IRS and Identity Fraud?

    Do you think that the IRS is doing enough to protect taxpayers’ personal information?


    Bruce – Your Host at The Tax Nook

    Our Firm’s Website: SolidTaxSolutions.com (or just click on the icon on right sidebar of this page).

    Other Social Media Outlets: Facebook.com/SolidTaxSolutions (or just click on the icon on right sidebar of this page).

    Twitter: Twitter.com/@SolidTax1040 (BTW, We Follow-Back).

    Categories: Identity Fraud

    The IRS Mea Culpa

    Photo courtesy of PBS.org

    So, to start 2016 the Internal Revenue Service (IRS) has announced that it has discovered an error affecting Identity Protection Personal Identity Numbers (IP PIN) letters mailed out in December 2015. Those letters had the wrong effective year.

    As part of its efforts to crack down on identity-related theft, the IRS is
    stepping up the use of IP PINs for taxpayers.

    An IP PIN is a unique 6 digit sequence that helps the IRS verify a taxpayer’s
    identity. When you have an IP PIN, it prevents someone else from
    filing a tax return with your Social Security Number (SSN) since returns which
    don’t include the correct IP PIN may be booted back. If a tax return is e-filed
    with your SSN but an incorrect or missing IP PIN, the IRS e-file system will
    reject the return until you submit the return with the correct IP PIN or you
    file a return on paper. If a tax return is filed on paper with your SSN but an
    incorrect or missing IP PIN, the IRS will delay processing the return –
    including any refund due – while they determine the validity of the return.

    Letters sending out IP PINs for the 2016 filing season (for the 2015 tax
    year) were mailed out at the end of December 2015 (but dated January 4, 2016)
    marked with the incorrect year. The letter, also referred to as a CP01A Notice,
    incorrectly indicates the IP PIN issued is to be used for filing your 2014 tax
    return when the number is actually to be used for your 2015 tax return. Despite
    the error, the IP PIN listed on the CP01A notice is valid for the 2015 returns.
    Taxpayers and tax professionals should use this IP PIN number for 2015 tax
    returns when the filing season opens on January 19, 2016.

    If you’re filing delinquent returns in 2016 for the years 2012, 2013 or 2014,
    use the same IP PIN issued with the CP01A notice. You do not need to use an IP
    PIN to file a federal form 1040X, Amended U.S. Individual Income Tax Return,
    a federal form 4868, Application for Automatic Extension of Time To File
    U.S. Individual Income Tax Return
    , or federal form 433-D, Installment
    for any year.

    Not all taxpayers will receive a CP01A notice with an IP PIN and you
    shouldn’t confuse the IP PIN with the 5 digit PIN you use to e-file your
    returns: those PINS aren’t interchangeable. IP PINs are only issued to taxpayers

    • self-reported to IRS as a victim of identity theft;
    • were identified by IRS a victim of identity theft; or
    • participated in the IP PIN pilot for residents of Florida, Georgia, or
      the District of Columbia.

    As you can imagine, this isn’t how IRS wanted to start the tax season. On their website, in addition to information about the error, they’ve issued the following Oops, were sorry:
    The IRS apologizes for the confusion and any inconvenience.


    Bruce – Your Host at The Tax Nook

    Other Social Media Outlets: Facebook.com/SolidTaxSolutions (or just click on the icon on right sidebar of this page).

    Website: SolidTaxSolutions.com (or just click on the icon on right sidebar of this page).


    Categories: Identity Fraud