Good news. Bad news. New data shows tax-related identity theft is declining rapidly as federal and state tax and law enforcement officials seek solutions together. Unfortunately, thieves and scammers continue to develop new schemes targeting both individuals and businesses yielding more stolen data and dollars per incident.
A business can hardly do business without collecting and holding clients’ private and identifying information, including names and addresses, phone numbers, and email addresses. Many businesses also collect and maintain their clients’ birth dates, credit information, Social Security numbers and more. If a data security breach occurs, these individuals are at risk for tax-related identity theft. Their personal information is used to file fake tax returns requesting refunds. In other schemes, scammers posing as IRS representatives, or federal or state authorities or creditors directly demand payments for taxes that are not owed.
Businesses are warned to keep up with current scam and phishing trends as well as take the necessary steps to secure systems and fix vulnerabilities. The Federal Trade Commission provides updated online information about securing operations against data breaches, and a new business-focused Data Breach Response Guide.
If you own a business that has been a victim of a data security breach, authorities offer three important steps to take: notify law enforcement, notify other businesses affected (such as banks, credit issuers and major credit bureaus), and notify individuals. If Social Security numbers have been compromised, individuals should be alerted to take steps to avoid being a tax-related identity theft victim.
The most popular way to steal from individual taxpayers uses simple data including names, phone numbers, email addresses and home addresses stolen from businesses. With this basic information, scammers send out emails and make threatening phone calls claiming to be IRS representatives, banks or credit card companies demanding payments on overdue taxes, overdrawn accounts or bills. They even using text messages contacting innocent victims who are tricked into sharing even more private information. Criminals will use the IRS logo and language in letters, emails or phone calls that seem legitimate.
Specifically, tax-related identity theft uses a stolen Social Security number to file a fraudulent tax return claiming a refund. This particular type of scam is being reduced dramatically as new, more-secure information transfers between the IRS and banks track automatic taxpayer refund deposits and checks.
Businesses should also remember that their business identity may also be stolen. A new type of business tax identity-theft is on the rise. Cybercriminals are using stolen business information to file fraudulent Forms 1120 – U.S. Corporate Income Tax Returns to capture corporate income tax refunds. They often obtain this private business information through the business’s website and by hacking into documents stored on unsecured computers.
Taxpayers, businesses and tax professionals should remain alert and ask more questions before sharing information. If you have questions about tax-related identity theft as an individual or business, please contact one of our tax preparation specialists at McRuer CPAs