By Brittany Capurro firstname.lastname@example.org
Receiving an IRS notice can be stressful. The most important thing to do is not to panic, and to read the entire notice before taking any action. There are a number of different reasons one might receive a notice, so make sure you understand exactly why you received the notice. You also need to verify that the notice is legitimate and not a scam to get your personal information or money from you.
According to the IRS website, the IRS sends notices and letters for the following reasons:
Your notice will explain why you received it and instruct you on the steps you need to take to handle the issue. Keep a copy of all IRS correspondences with your tax records. If you are unsure about the information in the notice contact your accountant for help.
Do not ignore the notice or wait to take action. These are usually time sensitive with potentially severe consequences if nothing is done in response to a notice. If your notice or letter requires a response by a specific date be sure to comply with this to minimize any additional interest and penalty charges and to preserve your appeal rights if you don’t agree.
The IRS website is a good resource to help you determine if the IRS notice you received is real or if it is scam. The IRS will not initiate contact with a tax payer to request personal or financial information, so if this what the notice is requesting, it is probably a scam.
According to a recent article in the Journal of Accountancy, passwords continue to be a major security risk. SplashData’s report compiling millions of leaked passwords has found that since 2011 the most frequently used passwords are “123456” and “password”. In addition to using weak passwords people often use the same one for everything. This obviously puts other systems one uses at risk. Further, audits of IT systems security find passwords written down in all sorts of places and unsecured password documents stored in employee computers and mobile devices.
Managing a lot of different passwords can be a daunting task. Some advisors suggest you may want to consider a password manager that securely stores your passwords for various sites. This way you only need to remember only the STRONG password you create to access the password manager. Just search online and you will find several options.
One CPA has devised a standard approach to organizing all his passwords. He starts with his first old ten-digit phone number, followed by the name of the account (i.e. Delta, Amazon, etc.) and ending with a four-digit personal identification number (PIN). This results in a strong password and you only have to remember the PIN.
With a little creativity, one could create a similar organized system to manage what for many has become an overwhelming challenge.
Another tax filing season means another season of opportunities for tax fraud. And to add insult to last year’s injury, some of the same people who were victims of the IRS’ data breach are being victimized once again.
Brian Krebs of KrebsOnSecurity is reporting the Identity Protection (IP) PIN the IRS sent out to those affected by last year’s “Get Transcript” fraud has the potential of being obtained by those who are not you (i.e. fraudsters). The PIN is initially sent to a person who has been a victim of fraud in the mail. This isn’t where fraudsters are obtaining the PIN. The point of attack is actually back with the IRS on the “Retrieve Your Lost or Misplaced IP PIN” portion of their website. As often happens in this day and age of too many passwords to remember, people misplace or forget their IP PIN. The IRS has created an electronic way to retrieve this PIN, but the system uses the same retrieval method that allowed the “Get Transcript” fraud. The system uses knowledge-based authentication which will have you answer four questions from the credit bureau Equifax. These questions will be something in the ballpark of your previous address, loan amounts and other questions of a similar nature. The problem is the answers to these questions are easy to guess especially since a taxpayer who is using an IP PIN already had their information compromised. A good question is why is the IRS using the same authentication system that caused issues last year?
Additionally, more good news out of the IRS is further review of the “Get Transcript” incident from 2015 has identified an additional 390,000 taxpayer accounts that had potential access. This brings the total number of affected taxpayers to somewhere over 700,000. Not necessarily all had fraudulent returns filed, luckily, but those taxpayers will now most likely have to deal with the IP PIN. Not all is doom and gloom, though. KrebsOnSecurity does have a handy write-up on things you can do to keep yourself from being a victim of tax fraud.
Companies having their data hacked seems to be a common occurrence these days. This is causing credit card companies to issue new cards every few months, or at least it feels like it happens this often. This has me thinking that maybe using cash more frequently may be a good idea. There are times when using a credit card can be beneficial; however, if not used properly, a credit card can cause a lot more harm than good.
Paying with a credit card lets you postpone the actual obligation of payment to the future, while cash payments make you physically have the cash to make the purchase. Purchasing items on credit without being able to afford it will just lead to debt sitting on your card accumulating finance charges. Using cash would be beneficial if you have a tough time holding off on large purchases until you have the money.
Avoid using a credit card when the company requires large processing fees. These processing fees can sometimes be more expensive than waiting until you have the cash and paying the late fee. These fees will usually offset the rewards one would receive by using a credit card. To avoid paying more than you need to, compare the processing fees to the late fees to make sure you are making the right choice.
Most credit cards offer many types of rewards and exclusive benefits. You can avoid interest and late fees by making payments on time and paying off your balance. The rewards will add up, making credit cards more beneficial than paying cash. Just make sure you pay off your balance so the fees are not also adding up. Other credit card benefits include additional warranties and purchase protection.
As much of a pain as it is when your credit card company issues a new card after a potential data hack, it is actually one of the credit cards’ greatest advantage. If cash is stolen from you it is hard, if not impossible, to retrieve this cash. However, if your credit card is stolen or fraudulent charges are made on your card, it takes one call to cancel the credit card, refute the charges, and have another card sent to you. This is a much less painful process than trying to retrieve stolen cash.
These are only a few examples of situations where you should decide what is better, paying with cash or credit. By making conscious choices when it comes to your payment method, it can end up saving you money.
Theft of personal information, such as social security numbers, to commit fraud on tax returns, to claim refunds or credits to which a taxpayer is not entitled to or commit other financial crimes is on the rise. Using this information, thieves often file fraudulent returns early during the filing season to avoid information matching. So you should have a pretty good indication that you are a victim of identity theft if you receive a notice from the IRS stating that more than one tax return has been filed using your information or wages are shown from an employer that you have not worked for. For the 2011 tax filing season, it has been estimated that identity theft related fraud was involved in the filing of 1.5 million tax returns representing $5.2 million. If you are a target, it can take months to clear your name, during which time a legitimate refund you should have received is withheld.
Typical methods used to gain access to your personal information include email or telephone phishing or dumpster diving. Some taxpayers receive phony IRS emails telling them they have a refund pending or are under investigation. The IRS does not send unsolicited tax-account related emails requesting personal and financial information. If you receive a suspicious email from the IRS report it by calling the IRS at 800-829-1040 or forwarding the email to phishing@IRS.gov.
The following are some of the preventative techniques one can employ to avoid identity theft:
• Arrange for masked social security numbers (SSN) where possible, e.g. on insurance cards.
• Resist giving your SSN or other personal information to businesses just because they ask for it.
• Protect your computer by using firewalls and anti-spam or anti-virus software. Regularly change passwords for internet accounts with sensitive information.
Remember – an ounce of prevention is worth a pound of cure.
I recently came across an article on yahoo news, which left me flabbergasted. It explained that one home in Florida was the recipient of more than $1 million in refunds by filing 741 false income tax returns. This is a whole different level of tax fraud that goes way beyond fibbing on charitable donations or not reporting some cash income.
This is stealing identities at an unprecedented clip. Some of the identities stolen were children and dead people and others innocent, unsuspecting citizens. In total, the Inspector General’s office found that in Miami, Florida alone, 75,000 bogus returns were submitted with the perpetrators receiving $281 million in refunds.
This article left me with two thoughts:
One – why can’t the IRS catch these thieves before they give out millions of dollars in false refunds when they are supposed to have sophisticated computers that match up all sorts of income data. Why can’t they do this with social security numbers?
Second – it left me with a sense of vulnerability that my identity could be stolen!
I did a quick Google search to find some pointers on how to protect myself and found that they were not too enlightening. You have to protect your social security number, check your credit reports often, shred all documents containing personal information, and put a halt to pre-approved credit offers. There are also many websites dedicated to this idea for a fee that may be worthwhile if you are extra paranoid, but I haven’t reached that level yet.
Let’s assume you are a law-abiding taxpayer but do not get around to filing your return until later in the filing season. Suddenly you are informed that two returns have been filed using the same social security number. Yours! Guess what? Your identity has been stolen.
To avoid having your identity heisted, there are a number of things you should know.
The IRS does not initiate contact with taxpayers by email with requests for personal or financial information, or to notify you that you are being audited or getting a refund. If you receive an email like this, forward it to the IRS at http://email@example.com.
Identity thieves might gain access to personal information by stealing your wallet, requesting information about you on the phone, rifling through your trash or accessing information you have provided to an unsecure internet site. If your social security number is stolen, another individual might use it to get a job. When that person’s employer reports the income to the IRS it will look like you have underreported your income. When this occurs, contact the IRS to show that the income isn’t yours.
It is important to be extra vigilant now since IRS impersonation schemes flourish during the income tax filing season. Such scams can take the form of e-mail, phone, fax, even tweets.
For more information about identity theft, including how to report it, search “Identity Theft” on the IRS.gov home page.