GruntWorx Featured Post

Has Someone Stolen My Data?

Much has been said about how to identify and avoid tax-related identity theft scams, especially when it comes to phishing and malware. This week, the IRS published a tax tip highlighting the signs that a tax professional’s identity has been stolen.

Identity thieves have been increasingly targeting tax professionals’ personally identifiable information (PII) and office databases in recent years. Aside from the usual goal—using that information to fraudulently apply for credit cards and loans—cybercriminals know that a tax professional’s office is a PII goldmine.

Cybercriminals who gain access to a tax professional’s client database end up with a catalogue of hundreds, if not thousands, of private financial records. Tax-related identity theft scams are of particular concern, since cybercriminals can also use hijacked tax preparation software to file fraudulent returns. Fortunately, the extent of the financial damage suffered by you and your clients can sometimes be mitigated with early detection and quick action.

That’s why the IRS put together Tax Tip 2019-124, a list of twelve signs that a data theft incident has occurred. It ranges from the usual signs of a malware infection to clients receiving unexpected material from the IRS:

  • Their clients’ e-filed returns are rejected by the IRS or state tax agencies. This happens because someone else already filed a tax return with their client’s Social Security number.
  • Clients who haven’t filed tax returns begin to receive taxpayer authentication letters from the IRS. The IRS sends letters such as the 5071C, 4883C and 5747C to confirm a taxpayer’s identity for a submitted tax return.
  • Clients who haven’t filed tax returns receive refunds.
  • Clients receive tax transcripts that they didn’t request.
  • Clients who created an IRS Online Services account receive an IRS notice that their account was accessed.
  • Clients who have an account get an IRS emails saying their account is disabled.
  • Clients unexpectedly receive an IRS notice that an IRS online account was created in their names.
  • The number of returns filed with the tax professional’s Electronic Filing Identification Number is higher than the number of clients they have.
  • Tax professionals or clients responding to emails that the firm did not send.
  • Network computers running slower than normal.
  • Computer cursors moving or changing numbers when the user is not even touching the keyboard.
  • Network computers locking out employees.
  • The IRS also included several links to help tax professionals better understand data security as a whole, like the FTC Safeguards Rule, Publication 4557, and Publication 5293. Understanding data security process as a whole—from prevention to identification and mitigation—will help you stay compliant with FTC regulations and protect your business.

    You want to help clients file their return timely and accurately. Cybercriminals want to steal money from you and your clients. Let’s not make their job any easier by neglecting data security.

    Source: IRS Tax Tip 2019-124

    Browse By Topic

    Paste your AdWords Remarketing code here
    Browse GruntWorx

    GruntWorx, LLC.