Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | How to Cut the Cable Cord | Best Fitness Trackers Under $50 | Complete Guide to Facebook Privacy

Top News Stories

author photo

IRS Confirms: Over 100,000 Identities Stolen Via IRS.gov Vulnerability

by on May 27, 2015
in Privacy, News, Computers and Software, Internet & Networking, Blog :: 2 comments

Viewing tax form on tabletAn Internal Revenue Service identity theft scam we first reported about here on Techlicious months ago has reached critical levels. Last night, the IRS confirmed that thieves exploited a security weakness on its website to create accounts for more than 100,000 U.S. taxpayers, all in an effort to claim millions in fraudulent tax refunds.

Here’s how the scam works. First, an organized crime group purchases a list of stolen identities on the black market. They then use this data to create an account for you at IRS.gov through the relatively obscure “Get Transcript” page. Once that account is created, the criminal will download your past year’s tax return and use the data from it to create and e-file a false tax return for the current year in your name. The thief gets the money; you get the hassle of undoing the damage. To the syndicates behind it, the payouts have been tremendous -- $50 million this year, according to The New York Times.

The unfortunate part: This lucrative scam owes its existence to real security weaknesses at the IRS. Its method for verifying identities – via the use of questions about your mother’s maiden name, past addresses and bank accounts – may have been secure enough in 1999. But with so many data leaks happening on a seemingly regular basis, thieves can easily foil the IRS ID question setup. Making matters worse is that once the thief “proves” they are you, the agency’s privacy rules kick in, making it incredibly difficult for the fraudulent payments and data theft to be stopped. One victim reported frustration at the IRS being unable to stop a payment from going to a thief even after the identity theft had been reported.

The IRS has shut down its “Get Transcript” page for now – an important and obvious first step in stopping the thieves. Investigations are already underway. What the IRS needs to do next is overhaul its computer security, improve its communication with taxpayers about creating IRS.gov accounts and redesign its website to make it easier to use. It also needs to take reports of fraud more seriously. These changes may be expensive, but Congress needs to be there with the authority and money to do so ASAP – we can’t afford to keep losing billions per year of U.S. Treasury money on these types of scams.

[Viewing tax form on tablet via Shutterstock]



Discussion loading

Disband

From Stephen Glover Rowe on May 28, 2015 :: 12:50 pm

How about just simply DISBANDING (ie ELIMINATING) the IRS altogether….and going to a Flat/Fair Tax format?????

Reply

gravatar

Fraudulent Phone call

From Hella K. Ploucher on April 29, 2016 :: 11:42 am

I have received a Phonecall from 114422260704 EXT 442. The IRS has a Lawsuit against us and dial 442 they will explain and help me.

Reply

© 2015 Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy Policy

site design: Juxtaprose