Identity Theft and Your Tax Returns: What To Do if It Happens to You

As a follow up to our recent blog post, “Five Warning Signs That It’s NOT the IRS Calling,” a handful of SAGEbroadview clients and others have let us know that they have experienced another form of fraud. Some have received mailings from the IRS (the real IRS), alerting them that they may have fallen victim to identity fraud in the form of a bogus tax return being filed in their name. (Some did not yet receive a mailing but have tried to electronically file returns this tax year and found that their legitimate returns were “bounced” because fake returns were already on file for their Social Security number.)

Here’s why this type of tax fraud is increasing according to Matt Hunter with NBC News:

“To file a tax return electronically, all someone needs is a name, date of birth and a Social Security Number. The IRS accepts tax filings as soon as January 1, but employers aren’t required to submit correct employment information to the agency until March, by which time roughly half of all refunds have been paid out. (For that matter, the IRS doesn’t begin matching employer-submitted data to tax returns until the summer.) By law, the tax-refund system as it is currently constituted amounts to a “pay first, ask questions later” system, said Victor Searcy, director of fraud operations at IDT911, an identity protection and risk services firm in Scottsdale, Arizona. In other words, an imaginative crook in possession of the three basic items of a person’s identity could make up fake W-2 information and submit it, and get the money within 30 days—the amount of time the law says that the agency must refund tax filers.”

How the IRS Notifies You

If the IRS suspects you have fallen victim to this form of identity theft, expect their alert to arrive in the mail, with one of these “codes” found in the upper-right corner by the date:

• Form 5071C
• Letter 12C
• Letter 148A or CP 148B
• Letter 4883C

Again, refer to our previous post on how to identify a fraudster posing as the IRS. And never hesitate to be in touch with your advisor and/or accountant about any communication you may receive that generates questions or concerns – with or without these particular form numbers.

If Identity Theft Has Happened to You

In a moment, we’ll share some preventive actions you can and should take to minimize the possibility of someone stealing your identity. First, let’s go over what to do if it’s too late to prevent it because it has already happened.

• Notify your professional advisor(s) immediately. This includes your investment advisor (such as SAGEbroadview) as well as your tax preparer. DO NOT e-mail a copy of the notice you received, though. It may contain Social Security Numbers, among other things. Instead, upload it to your advisor’s secure client portal for sharing confidential information or otherwise use a secure method for sharing the information.
• Respond to the IRS, immediately and ongoing.
  1. Respond promptly according to the directions on the specific notice that you received. Unfortunately, from what we’ve heard, it may take some time to reach the IRS by phone but it remains essential that you keep trying until you get through.
  2. Complete IRS Form 14039, Identity Theft Affidavit.
  3. Continue to work with your tax preparer to file your tax returns and pay your taxes due – by paper if necessary.
• Take immediate steps to minimize the damage done. Follow the process on the Federal Trade Commission’s (FTC’s) website page, “Immediate Steps to Repair Identity Theft,” which includes but is not limited to:
  1. Contacting one of the three major credit bureaus to set up a fraud alert on your credit records. (The first company you contact is supposed to alert the other two companies. Confirm this with the agent.)
     • Equifax: www.equifax.com, (800) 525-6285
     • Experian: www.experian.com, (888) 397-3742
     • TransUnion: www.transunion.com, (800) 680-7289
  2. Requesting and reviewing copies of your free annual credit reports from each of these credit reporting companies – telling them that you’ve placed an initial fraud alert
  3. Filing an identity theft complaint/affidavit with the FTC
  4. Filing a report with your local police (including your FTC ID theft affidavit)

• Follow up to repair/resolve any lingering issues that the identity theft may have created. Point to the FTC’s website page, Repairing Identity Theft, and follow the steps for “What to Do Next.”

Preventing Identity Theft to Begin With

If you’ve not encountered any problems yet … good! But you can and should take steps to reduce your risk for becoming a future victim. Here are a few to get you started:

• Don’t routinely carry your Social Security card or any document with your Social Security Number (SSN) on it.
• Don’t give any business or agency your SSN just because they ask. Push back, and only provide it when absolutely necessary.
• Check your Social Security earnings report annually for phony/incorrect earnings data.
• Check your credit report annually for bogus accounts.
• Don’t give out personal information on the phone, through the mail or via the Internet unless it is you who initiated the contact or you’re 100% certain about who is asking for it.
• Protect personal computers with firewalls, antivirus and/or anti-spam filters. Keep operating systems patched and up to date on current releases. Use secure passwords.
• Protect your personal financial information on your home computer. That is, documents with lists of passwords should always be protected themselves.
• Don’t respond to “out of the blue” phone calls, e-mails, faxes or texts claiming to be from the IRS. As we covered in our last post, these are bogus. The IRS always begins its correspondence with a letter.

The Beat Goes On

Unfortunately, as hard we strive to prevent identity theft, fraudsters continuously come up with new schemes, calling for fresh defenses and continued vigilance. Keep an eye on the ongoing news here on our blog and on other worthwhile resources such as Forbes columnist and “Tax Girl” Kelly Phillips Erbs. And reach out to us if we can help.