Thieves stealing IRS PINs and consumer’s tax returns

Krebs on Security is reporting that tax return fraud has not been curbed in 2016 despite safeguards put in place. Consumers who were hit last year were given IRS PINs to help identify that they were the consumer and not a cyber thief. One flaw in that system is that the PIN can be accessed […]

Krebs on Security is reporting that tax return fraud has not been curbed in 2016 despite safeguards put in place. Consumers who were hit last year were given IRS PINs to help identify that they were the consumer and not a cyber thief. One flaw in that system is that the PIN can be accessed online; therefore giving thieves the opportunity to steal the PIN before the consumer can use it.

This has led to some consumers filing their tax returns only to have them rejected by the IRS because the PIN has already been used. For those that have been compromised, their returns are rerouted to the thieves financial accounts. For credit unions, this means members may be inquiring about the status of their tax return and if it has been deposited in their account.

Krebs found that from “January 2014 to May 2015, the IRS allowed anyone to access someone else’s previous year’s W-2 forms, just by supplying the taxpayer’s name, date of birth, Social Security number, address, and the answers to easy-to-guess- or Google KBA questions. The IRS killed the Get Transcript function in May 2015 after it was revealed that crooks were abusing it to hijack consumer identities and refunds.

According to the IRS, at least 724,000 citizens had their tax data stolen through the IRS’s Get Transcript feature between January 2014 and May 2015. This may in fact be a lowball number: The IRS previously said the number of those affected was 334,000, figures that were sharply revised from an initial estimate of 110,000 taxpayers.”

Scrolling through the comments on the Krebs story shows that many consumers are seeing their tax return delayed significantly because of this tax return fraud. Credit unions would be wise to follow this story to ensure their members’ information is safe and to be able to answer questions.

Written by
admin
View all articles

About Us

The League of Southeastern Credit Unions & Affiliates represents nearly 300 credit unions throughout Alabama, Florida, and Georgia. It has a combined total of almost $200 billion in assets and 12.4 million members. LSCU provides advocacy, compliance services, education and training, cooperative initiatives, and communications.

Social Channels

Follow us on all major social media platforms.

Newsletter

Make sure to subscribe to our newsletter and be the first to know the news.