Posts Tagged ‘Identity.Theft’

The Most Terrifying Words in the English Language Strike Again

Wednesday, March 2nd, 2016

One of my favorite quotes is from President Ronald Reagan:

The most terrifying words in the English language are: I’m from the government and I’m here to help.

Yet another instance of this appears to be striking with the IRS.

Kristy Maitre of the Iowa Center for Agricultural Law and Taxation (at Iowa State University) reports tonight that scammers have apparently been able to crash the IRS’s online IP PIN system. This shouldn’t be a shock; as Kristy notes a TIGTA report released in December (though not on their website) and a Tax Analysts analysis highlighted this vulnerability.

This new vulnerability hits taxpayers whose lives have already been thrown in disarray by one identity theft case. Now they may have a second identity theft case. (If they’re lucky, the first case has been resolved by now.)

The only solution is for the IRS to shut down this vulnerability immediately. I’m not holding my breath, though, on that happening soon.

It’s apparent that the IRS needs to go back to square one in regards to their information technology. After all, “I’m from the government and I’m here to help.”

Math Is Hard, IRS Edition

Sunday, February 28th, 2016

I was so, so tempted to write, “Math Is Hard, IRS Addition,” but I held off. Why? Because it turns out that it wasn’t 104,000 people who were victimized in last year’s “Get Transcript” hack, nor was it 334,000 taxpayers.

The actual number was more than 700,000. And the unsuccessful attempts didn’t total 10,000; they totaled 500,000!

That’s a total of 1.2 million taxpayers impacted by this. There are around 320 million people living in the United States, so we’re talking around 1 of every 266 people being impacted. And given that this is the second upward revision of these numbers, who is to know if this is really the final total?

Before the data breach was first announced, I noted that the information that was asked for was publicly available; I felt the system wasn’t secure. It turns out I wasn’t the only one to warn about this. Krebs on Security (written by Brian Krebs) warned about this in March 2015.

Unfortunately, the politicized atmosphere in Washington won’t allow anything meaningful to happen here. What the IRS should do is emulate the online system that California’s Franchise Tax Board has. That system combines web based applications with mailing to a taxpayer’s most recent address (which must match the address in the application). Or perhaps the IRS might look at my modest proposal on identity theft. I wrote that nearly four years ago and the IRS has only made the problem worse.

IRS Errs on Identity Theft PIN Letters

Tuesday, January 5th, 2016

One would think that the IRS proofed important letters and notices before they’re finalized. That didn’t happen with IRS Notice CP 01A, the notice used when sending out an Identity Theft PIN (personal identification number).

The IRS announcement is reproduced in full below:

Due to an error, taxpayers are receiving Identity Protection PIN letters with an incorrect year listed. Taxpayers and tax professionals should be advised the IP PIN listed on the CP 01A Notice dated Jan. 4, 2016, is valid for use on all individual tax returns filed in 2016.

The notice incorrectly indicates the IP PIN issued is to be used for filing the 2014 tax return when the number is actually to be used for the 2015 tax return. The IRS emphasizes the IP PIN listed on the CP 01A notice is valid for the 2015 returns. Taxpayers and their tax professionals should use this PIN number for 2015 tax returns, which the IRS will begin accepting from taxpayers starting Jan. 19, 2016.

The IRS apologizes for the confusion and any inconvenience.

For more information, see the questions and answers below.

Q. When were the CP01A notices mailed?

A. The notices are all dated Jan. 4, 2016, but were mailed in late December. Taxpayers are receiving these now through mid-January.

Q. What does an IP PIN do?

A. An IP PIN helps the IRS verify a taxpayer’s identity and accept their electronic or paper tax return. When you have an IP PIN, it prevents someone else from filing a tax return with your SSN.

If a return is e-filed with your SSN and an incorrect or missing IP PIN, our system will reject it until you submit it with the correct IP PIN or you file on paper. If the same conditions occur on a paper-filed return, we will delay its processing and any refund you may be due for your protection while we determine if it’s yours.

Q. Does this issue affect anything else involving the IP PIN process?

A. No

The IRS will not be sending out replacement letters. Somehow, this all seems apropos when dealing with the IRS.

Dear Mr. IRS

Sunday, November 10th, 2013

I must commend CPA Tony Nitti on his “Request for Urgent Business Relationship.” It’s hilarious…but horribly sad.

Why? TIGTA–the Treasury Inspector General for Tax Administration–came out with what is (for me) a scathing report on identity theft and phony tax refunds. Somehow, 655 tax refunds went to a single address in Kaunas, Lithuania. Don’t feel left out if you live in Orlando: 871 went to two separate addresses in that Florida city. There’s a preparer who is apparently responsible for 5,506 bad returns with a social security number and 1,590 with an ITIN (I’m hopeful that TIGTA forwarded information about that preparer to IRS criminal investigation) .

Yet I came up with a simple proposal on identity theft in September 2012 that would, if implemented, stop a lot of identity theft. (Yes, I forwarded my idea to the IRS.) Supposedly the IRS will have some new measures on identity theft for 2013 returns. We shall see….

Self-Proclaimed First Lady of Tax Fraud Gets 21 Years at ClubFed

Thursday, July 18th, 2013

Let me give some helpful hints to anyone who is thinking of engaging in a life of crime. First, don’t brag about it to others. Live your life in a nice peaceful way and blend in. Second, if you do brag about it, don’t brag on the Internet. Third, if you do brag about it on the Internet, don’t post pictures like this one:

Rashia Wilson (Image Credit: Tampa Police Department)

Showing pictures of yourself with stacks of bills might make even an unaware police department take interest. (For more such helpful tips, see Kelly Erb’s column.)

In any case, Ms. Wilson, who was indicted last year, was sentenced earlier this week to 21 years at ClubFed. She had pled guilty to charges of wire fraud and aggravated identity theft. Judge James Moody Jr. sentenced Ms. Wilson. Judge Moody stated, “She knew what she was doing was wrong. She reveled in the fact that it was wrong.” Ms. Wilson was also ordered to make restitution of $3.1 million, though it’s doubtful she has all that money.

Yesterday, the Treasury Inspector General for Tax Administration released a report on identity theft detection at the IRS. The reported noted that the IRS stopped $2.2 billion of fraudulent refund checks to be issued. Yet other reports have estimated that $5 billion in identity theft-related refund checks get issued annually. Meanwhile, the IRS continues spending money on a quixotic mission to regulate tax professionals.

If You’re a Sole Proprietor, Get an EIN…Now!

Sunday, March 10th, 2013

Most business entities have an Employer Identification Number (EIN) that they use. An EIN is for a business what a social security number is for an individual: It’s their taxpayer identification number. Some sole proprietors must have EINs (if they have employees, have withholding, or certain other situations). The IRS’s official position is that most sole proprietors do not need an EIN.

I beg to differ.

The problem today is identity theft. It’s rampant, and sometimes involves actual theft of your personal information from files. There’s a story out of Miami of a police officer stealing identities; there have been cases where hospital employees and others steal social security numbers. What’s to stop an employee of a business from stealing social security numbers? Nothing but most individuals’ inherent honesty. Unfortunately, I don’t think that’s enough today.

If you are a sole proprietor and you will have to complete a Form W-9 (giving your social security number to someone) or you issue Form 1099s, you should be using an EIN instead of your social security number. There is no cost to obtain an EIN (except about ten minutes of time). You can do so online at the IRS’s website.

Would You Deliberately Mail a Check to the Wrong Address?

Monday, January 28th, 2013

Seriously, would you?

Assume you owed a customer $1,000. The debt goes back over a year, and now you’re ready to pay. The customer notifies you that she’s moved, and provides you with her new correct address. How many of you would mail the return to the old incorrect address and wait for the check to come back before reissuing and sending it to her correct address? I’m guessing none of you.

Yet the Internal Revenue Service is going to do this to a victim of identity theft deliberately, with either malice aforethought or just plain indifference and stupidity. Jason Dinesen has more in his 11th part of a series that must be read from beginning to end to understand how broken the IRS’s ability to deal with identity theft really is.

The Walking Dead Come Back

Wednesday, January 16th, 2013

No, this isn’t a post on the next zombie movie. Yes, Las Vegas does have a Zombie Apocalypse Store (humorously, near one of my clients). But I digress….

Instead, we’re going to focus on a CPA from Northridge, California (in the San Fernando Valley region of Los Angeles) who is very much alive. Masood Chotani pleaded guilty on Tuesday to conspiracy to defraud the US. What he did, with others who are now residing at ClubFed, was to file returns in the names of the truly dead. While the Department of Justice press release only states that the “…deceased people’s Social Security numbers and other identification information [were] obtained from the Internet,” it’s likely the Social Security Death Master File is once again the culprit.

Why this gift for tax fraudsters is still available is unknown. But if you want to purchase the names and social security numbers of the truly dead, you can do so courtesy of the US government. Meanwhile, the DOJ and IRS Criminal Investigation gets to follow up on thousands upon thousands of cases of tax fraud. This is definitely not a digression.

As for Mr. Chotani, he’ll be joining his co-conspirators at ClubFed. He’s also agreed to make restitution. Unfortunately, for the living relatives of the dead who are victims of identity theft, they wait in a zombie-like state for the nightmare of identity theft to be resolved.

“The IRS Has Failed to Provide Effective and Timely Assistance to Victims of Identity Theft”

Wednesday, January 9th, 2013

That’s not just my opinion, it’s the opinion of the National Taxpayer Advocate, Nina Olson. Most tax professionals who have run into identity theft can relate horror stories. Jason Dinesen, an Enrolled Agent in Iowa, has been dealing with an identity theft matter for over 20 months (that’s nearly two years). The matter is still unresolved.

Ms. Olson today came to the conclusion that:

■■ The IRS is moving backward — away from a centralized approach to assisting identity theft victims — and is increasing the risk that taxpayer-victims may fall through the cracks;
■■ After years of ineffective efforts to reengineer its processes, the IRS still takes too long to fully resolve the accounts of victims;
■■ While the Identity Protection Personal Identification Number (IP PIN) that the IRS has developed provides additional security, it does not cover all victims;
■■ The Taxpayer Protection Unit may not be sufficiently staffed to handle the volume of calls from impacted taxpayers;
■■ Congress may unnecessarily create additional exceptions to taxpayer privacy protections; and
■■ The Social Security Administration still makes the Death Master File available to the public, creating an opportunity for identity thieves to steal and then misuse personal information.

The IRS and the Taxpayer Advocate both have reasonable arguments; the report (linked to above) notes both sets of issues. But I think Ms. Olsen misses a key point: The place to stop identity theft is checking addresses when returns are filed. The proposal that I made back in September would stop some identity theft before it happens. An ounce of prevention is worth a pound of cure.

Ms. Olson hits a bullseye with her comments on the Social Security Death Master File; she sees no reason for that to be available to the public while the social security numbers could be used for identity theft. I agree completely. The government is handing to crooks information they need to be crooks.

Finally, Ms. Olson’s comments about the length of time it takes to resolve many identity theft claims are accurate. The cases take a long time. They are complex. That said, many individuals are waiting years to get matters resolved. This is a disservice to an agency that has “service” in their name.

“First Lady” of Tax Fraud Indicted for Fraud

Thursday, December 20th, 2012

We have a late entry for the 2012 Tax Offender of the Year. Rashia Wilson bragged on her Facebook page, something that many individuals do. But it’s what she said that likely got her in trouble. According to the Tampa Bay Times, Ms. Wilson said,

“I’m Rashia, the queen of IRS tax fraud,” Wilson said May 22 on her Facebook page, according to investigators. “I’m a millionaire for the record. So if you think that indicting me will be easy, it won’t. I promise you. I won’t do no time, dumb b——.”

She may have been correct: It took a little over six months for her to be indicted.

Technically, she hasn’t been indicted for tax fraud. The 57 counts she and her boyfriend, Maurice Larry, face include conspiracy, wire fraud, filing false tax returns, theft of government property, and aggravated identity theft. The pair are looking at very lengthy terms at ClubFed if found guilty of all charges. The government is also seeking a money judgment in the amount of $1,176,787.00; that’s how much the pair allegedly profited from their scheme.

This is not Ms. Wilson’s first brush with law enforcement. She was arrested in September on a weapons charge.

While this alleged tax fraud ring is based in Florida, it apparently may have received information on identities in California. A story in the San Francisco Chronicle noted that 931 Berkeley residents may have had their identities stolen by this ring. The Chronicle story also notes that Ms. Wilson hosted “tax fraud parties” that allegedly raised more money than drug dealing.

A hint to those who want to begin a life of crime: Don’t brag about it on Facebook. Yes, law enforcement does read the Internet.