The red flags of tax ID theft

August 8, 2023 5:05 PM

Tax professionals have a commodity that identity thieves crave: client tax information. Nothing evolves these days faster than scams — except maybe alerts about them.

The Internal Revenue Service and its Security Summit partners have issued a new list of scam red flags to let tax pros bolster their defenses, fourth in a five-part "Protect Your Client; Protect Yourself" series from the summit, a public-private partnership that works to protect the tax system.

"It's important for tax professionals to protect their systems from identity thieves who always look for new methods to steal data," warned IRS Commissioner Danny Werfel in a statement. "There are practical ways for practitioners to keep on top of the latest trends and signs of data and identity theft."

Tax fraud victims have frequently shared concerns with the IRS that they didn't immediately spot signs of data theft. Here are some of the red flags.

Account mysteries

Al Drago/Bloomberg

IRS online accounts can frequently be one of the first signs of shenanigans: Clients receive notice that an account was created without their consent, that someone accessed their account without their knowledge or that the IRS has disabled their account. Coming out of the blue, these are trouble.

Where did this come from?

Michael Burrell/pixelrobot - Fotolia

Sometimes scammer activity triggers actions — which naturally look odd since no one legit was involved in creating the response. For example, clients may receive a tax transcript they didn't request; balance due or other notices from the IRS don't jive with the return filed; or clients respond to calls or emails that the tax pro didn't make or generate. Another corker, which you might need to prod about: Clients receive refunds without having filed a tax return.

Ghosts … or scammers?

Andrey Popov/Andrey Popov - stock.adobe.com

A wacky laptop can spell mischief. Have computers in your practice slowed to where software or actions take longer? Does your cursor move as if haunted or do numbers change without you touching the mouse or keyboard? Have you been unexpectedly locked out of a network or computer? It may not be ghosts, but scammers.

Unforeseen responses

Plain old surprises are one of the surest signs of crooks, such as client returns being rejected because their Social Security number was already used on another return; IRS authentication letters (5071C, 6331C, 4883C, 5747C) being received even though a return hasn't been filed; or getting more e-file receipt acknowledgements than you filed.

What to do first?

Report problems PDQ to your local IRS Stakeholder Liaison, who will alert IRS offices so they can block fraudulent returns in the clients' names. Also email the Federation of Tax Administrators at StateAlert@taxadmin.org; they can help you report to state tax agencies.

Tax pros must also be proactive with clients, such as by getting an IP PIN or completing a Form 14039, Identity Theft Affidavit. The summit partners also have a written security plan for practices to adapt.