The Internal Revenue Service said Monday that the number of taxpayers who reported they were victims of identity theft fell 71 percent between 2015 and 2018, thanks to coordination between the IRS and its Security Summit partners in the tax profession, the tax prep software industry and state tax authorities.
Since it formed the Security Summit initiative in 2015, the IRS has been partnering with others in both the private and public sector on combating tax-related identity theft. The effort has led to fewer fraudulent tax returns being filed, fewer confirmed identity theft returns being stopped, fewer bad refunds being issued and fewer taxpayers identifying themselves as identity theft victims.
“The IRS and the Security Summit continue to make tremendous inroads in the battle against identity theft,” said IRS Commissioner Chuck Rettig in a statement. “In 2018, our partnership protected more taxpayers and more tax dollars from tax-related identity theft. At a time when many in the private sector continue to struggle with these issues, the tax community has made major progress working together to stop identity theft and refund fraud.”
The IRS and its partners in the tax prep profession have shared dozens of elements from tax returns that could be indicators of fraud such as the length of time to prepare the return. The IRS has also improved and expanded its fraud filters and added extra protections to business along with individual tax returns. State tax authorities have asked for more information such as driver’s license numbers. Software developers have strengthened their password requirements to protect accounts and added multi-factor identity authentication. Debit card companies have also beefed up their protections, and more financial institutions are now helping recover fraudulent refunds.
The IRS and its partners in the Security Summit set up the Identity Theft Tax Refund Fraud Information Sharing and Analysis Center (IDTTRF-ISAC) to detect and stop tax refund fraud. Overall 65 groups are now participating in ISAC, enabling them to react and respond more quickly as new schemes pop up from fraudsters.
Between 2015 and 2018, the IRS found the number of taxpayers reporting they were identity theft victims by filing identity theft affidavits fell 71 percent. Last year, the IRS received 199,000 reports from taxpayers compared to 677,000 in 2015. This was the third year in a row this number declined. There were 242,000 identity theft reports in 2017 and 401,000 in 2016.
Between 2015 and 2018, the number of confirmed ID theft returns stopped by the IRS fell 54 percent. However, there was a 9 percent uptick last year in the number of confirmed identity theft returns, 649,000 compared to 597,000 in 2017. But the IRS pointed out that the 2018 count is still significantly below the 883,000 in 2016 and the 1.4 million in 2015.
Between 2015 and 2018, the IRS protected a combined $24 billion in fraudulent refunds by preventing confirmed identity theft returns. Last year, the 649,000 confirmed fraudulent returns tried to access $3.1 billion in tax refunds. The IRS protected $6 billion in 2017, $6.4 billion in 2016 and $8.7 billion in 2015.
Between 2015 and 2018, the IRS’s partners in the financial industry recovered an additional $1.4 billion in fraudulent refunds. The financial industry is helping the IRS combat identity theft and recover fraudulent refunds that may have been issued. As fewer fraudulent tax returns enter the system, fewer fraudulent refunds are being issued. Last year, financial institutions recovered 84,000 federal refunds totaling $112 million for the IRS. Institutions recovered 144,000 refunds worth $204 million in 2017, 124,000 refunds worth $281 million in 2016 and 249,000 refunds totaling $852 million in 2015.
“Despite these major successes, more work remains,” Rettig added. “Identity thieves are often members of sophisticated criminal syndicates, based here and abroad. They have the resources, the technology and the skills to carry on this fight. The IRS and the Summit partners must continue to work together to protect taxpayers as cyberthieves continue to evolve and adjust their tactics.”
Identity thieves take aim at tax pros
In response to the success of the Security Summit in fending off identity theft, criminals are changing their targets and tactics, increasing trying to steal personal and business information from companies and tax professionals.
Theft of taxpayer information held by tax professionals is still a major issue. Identity thieves can breach tax practitioners’ computer systems, steal client data and file fraudulent tax returns before a preparer may even know they have been victimized.
Criminals can also steal the tax practitioner’s Electronic Filing Identification Number (EFIN) or Preparer Tax Identification Number (PTIN) to file false returns. Tax pros who experience a data theft should contact their IRS stakeholder liaison immediately for help.
Meanwhile, the number of businesses reporting they are victims of tax-related identity theft increased 10 percent last year, with 2,450 reports compared to 2,233 reports in 2017. The Security Summit partners are putting in place similar protections for business tax returns to safeguard against business identity theft.
Identity thieves use several different tactics with businesses. They can file a fraudulent tax return, a fraudulent quarterly tax payment or use stolen Employer Identification Numbers (EINs) to create fraudulent Forms W-2. Thieves can also impersonate business executives to convince payroll or finance employees to disclose employee W-2 information or make wire transfers. Partnerships, trusts and estates also can be at risk of suffering tax-related identity theft.
New schemes are constantly arising. The security software provider McAfee reported Monday that a powerful data-stealing malware campaign with a tax theme on the rise ahead of Tax Day. Trickbot is a trojan that is infecting unsuspecting users and aims to steal password and financial information to send back to the attacker. By stealing tax documents, scammers can also file fraudulent end-of-year tax forms to steal refunds. Another security provider, Proofpoint, recently said it has uncovered a disproportionate number of tax-related campaigns pushing malware called the NetWire RAT through email, giving attackers backdoor control to peoples’ machines. In addition to the U.S., Proofpoint said it has also seen evidence of attacks in Canada, Singapore, New Zealand, the U.K., and Australia
For more information about identity theft, how to identify it, how to prevent it and how to report it, visit