Due to the coronavirus pandemic, even taxpayers who usually filed a paper return are now forced to file it digitally. Though e-filing is faster and more convenient than paper filing, those who are not aware of tax scams such as identity theft are more vulnerable than ever when filing digitally.
Now that the April 15th filing deadline has been extended to July 15th, taxpayers have time to learn about the various tax scams that have made thousands their victim. Forbes talks about how fraudsters steal the personal and financial information of taxpayers and what you can do to avoid falling into their trap.
The extension may come as a relief to many Americans, but it also gives fraudsters additional time to mine for data that can be sold or traded. As a result, past vulnerabilities will likely be more of a threat this year. The best way consumers can protect their identities is to file this year’s taxes as soon as possible, before someone else tries to do it for them.
At the close of last year’s tax season, the Government Accountability Office (GAO) issued a report saying that the IRS needs to establish a stronger cybersecurity standard across third-party tax preparers. The year prior, the GAO’s report found that ‘fraudsters used false identities to steal at least $1.68 billion in tax refunds in 2016.’ And that’s without this year’s extraordinary circumstances. We are seeing more digital transactions than ever, and fraudsters will keep looking for ways to take advantage.
Walking In Through The Front Door
Our personal and financial information unlocks access to services, goods and government assistance meant specifically for us. And each bit of that information is an alluring target for criminals who either sell or buy it for fraudulent purposes.
On the dark web, it’s not hard to find this information for sale. With prices starting as low as a dollar, criminals can buy real people’s information on completed tax forms. It’s a scary, lucrative business — profitable to sell and cheap to buy. Tax preparers will continue to be targeted as long as the information is there.
If stealing consumers’ data via hacking is like breaking into a house, filing fraudulent tax returns is like walking straight in through the front door. Whether fraudsters buy information via the dark web or steal it via phishing, once they have it, it’s incredibly easy to use to file fraudulent tax returns and rob someone of money they are owed.
Here’s how it works: Let’s say you filed your tax return last year, and a fraudster gets a hold of that return, either a paper copy or the digital file. Now the fraudster uses all of your information, including your address, Social Security number, signature and more to file your tax return this year — all before you do. They change the bank account number, and your tax refund gets deposited into their account. An even more sophisticated fraudster will gather your data and hang onto it for future, more nefarious purposes.
The $1.68 billion in fraudulent tax returns are enough to demonstrate the lengths fraudsters are willing to go. It’s also a call to continue innovating ways to outwit and outpace them. It’s time for a discussion about new proactive measures to verify identities and establish a significantly more secure tax process.
Securing The Perimeter
There are measures consumers can take to protect themselves from fraudsters, but tax preparation providers and the IRS should carry the bulk of the responsibility to prevent data ‘break-ins.’ Whether it’s stealing data or filing fraudulent returns with already-stolen data, there are ways to make tax fraud harder and less attractive to criminals on the prowl.
It all comes back to the growing need for strong consumer data protections. Unifying cybersecurity practices among e-file providers would be a strong first step. Creating security linked and layered standards, including end-to-end encryption, will create an ecosystem rooted in safety. Rather than a plethora of different programs, each with unique strengths and vulnerabilities, a unified landscape will take away common entry points that fraudsters exploit.
Identity verification is the other missing piece of this puzzle. For example, verifying identities online at the point of filing a tax return could deter and dramatically decrease fraudsters’ success rates, potentially saving consumers the hassle and potential financial hardship that comes with identity theft.
As part of this linked and layered approach to security, we all have a role to play. A Social Security number is the most dangerous piece of personally identifiable information a fraudster can get, so even as online security systems become more sophisticated, guarding this one number is the most important step a person can take to protect against identity fraud.
How Consumers Can Protect Their Own Identities:
- Do not give out your Social Security number via email or over the phone.
- Do not answer a call “from the IRS.” The IRS will never call you.
- Do not carry your Social Security card with you. It could be stolen.
- Even if you aren’t filing your tax return yet, log on to the system you use, and start your return.
- Look for a tax filing software system or tax preparer who asks you to verify who you are when you open your file.
- Work with companies you trust. Research their approach to security.”
If you are careful and take all necessary precautions when doing your taxes online or efiling your return, you can easily avoid falling prey to fraudsters.