Protect your tax return information from identity theft

This past November I attended my usual two full day tax conference in preparation for the upcoming tax filing season. As has frequently been a topic of top priority, the course instructor asked of the participants: “How many tax practitioners in the room have had clients who were victims of identity theft?”

Now, the first thing to mention about this is that probably more than five years ago, this topic just wasn’t even something that routinely came up in CPE classes. But now, it is a topic which has been elevated to top priority and routinely comes up for discussion within the professional practitioner group I am involved with.

Secondly, again going back over five years ago, I don’t imagine that hardly any hands in the room size of about 200 tax professionals would have gone up. But, in response to that question now, a very significant number of hands shot up which demonstrated just how pervasive the problem has become over the years.

IRS data too bears out just how much of a growing problem this has become having reported that total taxpayer identity theft cases have risen quite significantly over the past few years. However, that being said, IRS has also made significant progress in combating the problem through a number of initiatives which are beyond the scope of what I can cover here in this short blog post.

So, how exactly does a taxpayer first realize that their personal information may have been compromised? Well, there are six most common ways that a taxpayer becomes aware of it:

First, the taxpayer attempts to file a return electronically but the IRS rejects the return, indicating that someone else has filed a return using the same identification number of the filer or of a dependent.

Second, the taxpayer receives an IRS notice that indicates more than one return has been filed for a single account.

Third, the taxpayer receives an IRS bill for additional tax due, an unknown refund offset, or other collection action.

Fourth, the IRS asks for confirmation of information on a return that was not filed by the taxpayer. (Many tax refund fraud cases will initiate with this type of notice.)

Fifth, a notice is received that reflects wages earned from an employer the taxpayer has never worked for.

Sixth, some kind of compliance action has been taken against the taxpayer for a period for which the taxpayer never filed a return nor received a refund.

Once you as a taxpayer become aware of a suspected compromise of your information, there is a very specific sequence of events you must follow as recommended by IRS which can be found on their website. I will not go through them here as it is beyond the scope of what I can cover in this short blog post on the subject.

There are a number of ways how thieves can steal your information including looking through trash for confidential information; the outright theft of records; pretexting to impersonate a taxpayer or financial professional; hacking/DMS attacks on networks containing confidential client information; malvertising which by social engineering methods can trick the unsuspecting person to disclose confidential information; and scareware which is a malicious computer program designed to trick a user into buying and downloading unnecessary and potentially dangerous software, such as fake antivirus protection.

Every taxpayer needs to be diligent in protecting their confidential information as it exists in and among their home records and computer systems. Similarly, you should only work with tax professionals you can trust and you should inquire as to what their procedures are for the storage, protection and use of your personal tax information. For example, in my practice I make available to clients a detailed listing of my practices and technology procedures in place to safeguard my clients’ confidential information. I also monitor on a regular basis all of the IRS issued security alerts to be on watch for.