IRS warns preparers on signs of data theft

The Internal Revenue Service is urging tax professionals to be aware of the signs of data theft so they can react quickly to minimize damage to themselves or their clients. Not being able to recognize these signs is an oft-repeated concern from tax preparers.

The agency said preparers should be especially aware of the following red flags:

  • Client e-filed returns are rejected because their Social Security number was already used on another return.
  • The tax pro receives more e-file acknowledgements than returns they filed.
  • Clients respond to emails the tax pro didn't send.
  • Slow or unexpected computer or network responsiveness such as software or actions taking longer to process than usual; their computer cursor moving or changing numbers without touching the mouse or keyboard; or being unexpectedly locked out of a network or computer.

Further, the IRS said professionals should be worried if their clients report receiving any of the following:

  • IRS authentication letters (5071C, 6331C, 4883C or 5747C) even though they haven't filed a return.
  • A refund even though they haven't filed a return;
  • A tax transcript they didn't request;
  • Emails or calls from the tax pro they didn't initiate;
  • A notice that someone created an IRS online account for the taxpayer without their consent; or,
  • A notice the taxpayer wasn't expecting that someone accessed their IRS online account; the IRS disabled their online account; or balance due or other notices from the IRS that are not correct based on return filed or if a return had not been filed.

If a tax professional or their client is confirmed to be the victim of identity theft, they are advised to immediately report it to the local IRS Stakeholder Liaison, who will notify IRS Criminal Investigation and others within the agency on the practitioner's behalf.

Reporting quickly is critical, according to the IRS, as it allows the agency to take steps to block fraudulent returns in the client's name and help tax pros through the process. Practitioners should also email the Federation of Tax Administrators at StateAlert@taxadmin.org and be proactive with clients who could have been impacted and suggest appropriate actions, such as obtaining an IP PIN or completing a Form 14039, "Identity Theft Affidavit," if applicable.

"Tax pros must be vigilant to protect their systems from identity thieves who continue to look for ways to steal data," said IRS Commissioner Chuck Rettig, in a statement. "Practitioners can take simple steps to remain on the lookout for signs of data and identity theft. It's critical for tax pros to watch out for these details and to quickly take action when tell-tale signs emerge. This can be critical to protect their business as well as their clients against identity theft."

For reprint and licensing requests for this article, click here.
Tax IRS Cyber security Identity theft
MORE FROM ACCOUNTING TODAY