Academic journal article
By Chambers, Valrie; Zeidan, Rabih
Journal of Accountancy , Vol. 215, No. 2
Tax return and other tax-related identity theft is a growing problem that CPAs can help their clients with--both in taking preventive actions and in correcting problems after an identity thief has struck. Tax return identity theft occurs when someone uses a taxpayer's personal information, such as name and Social Security number (SSN), without permission to commit fraud on tax returns to claim refunds or other credits to which a taxpayer is not entitled, or for other crimes.
Thieves normally file early in the tax-filing season, often before the IRS has received Forms W-2 or 1099, to thwart information matching and avoid receiving duplicate return notices from the IRS. Taxpayers sometimes discover they are victims of identity theft when they receive a notice from the IRS stating that "more than one tax return was filed with their information or that IRS records show wages from an employer the taxpayer has not worked for in the past" (FS-2012-7 (January 2012)).
In 2011, the IRS processed about 145 million returns. About 109 million were claims for refunds, with an average refund amount of almost $3,000. As of May 16, 2012, the IRS had pulled 2.6 million returns for possible identity theft, and that trend is on the increase. The IRS recently reported an inventory of more than 450,000 identity theft cases. For the 2011 filing season, the Treasury Inspector General for Tax Administration (TIGTA) estimated that identity-theft-related fraud accounted for approximately 1.5 million tax returns in excess of $5.2 billion.
CONSEQUENCES OF IDENTITY THEFT
Tax return identity theft delays legitimate taxpayer refunds because the return appears to be a duplicate return and may be a sign of other fraud or identity theft problems. IRS support to solve traditional and nonfraud problems may be delayed as well when IRS resources are diverted to combat identity theft. Other tax-related identity theft can cause problems for the taxpayer as well. If an individual fraudulently used a taxpayer's SSN to get a job, the taxpayer may have extra W-2 wages erroneously reported (and perhaps also extra taxes withheld), leading to a correspondence matching audit. The National Taxpayer Advocate notes that time and money are spent to clear the individuals' names, during which "victims may lose job opportunities, may be refused loam, education, housing or cars, or even get arrested for crimes they didn't commit" (IRS Publication 4535, Identity Theft Prevention and Victim Assistance).
Further, until recently, the IRS would hold suspicious refunds while verifying the underlying W-2 information, for up to 11 weeks. With the increase in the number of cases and budget limitations, refunds may take longer. So, the IRS says, "[I]dentity theft can impose a significant burden on its victims, whose legitimate refund claims are blocked and who often must spend months or longer trying to convince the IRS that they are, in fact, victims and then working with the IRS to untangle their account problems" (IR-2012-66).
A typical identity theft starts when thieves have (illegally) bought or stolen information from individuals, employers, hospitals, or nursing homes or have used the public list of deaths with SSNs issued by the Social Security Administration. With a number or list of numbers, they file false tax returns for refunds. For example, investigators found a single address that was used to file 2,137 tax returns for $3.3 million in refunds (see TIGTA Rep't No. 2012-42-80). Most thieves prefer to receive the refund using direct deposit or prepaid debit cards. In another example, 590 tax refunds totaling more than $900,000 were deposited into a single bank account. Although banks have strict rules to verify the identity of account holders, they don't have the ability to monitor whether the direct deposit is for a legitimate refund.
Exhibit 1 Sample of Phishing Email Title/Subject of email: Your Tax Refund Payment Update [attachment to email is "Refund Form. …