E-File Fraud: Identity Thieves Filing Taxes To Steal Refunds

E-File Fraud: Identity Thieves Filing Taxes To Steal Refunds

By George Avalos, San Jose Mercury News (TNS)

MOUNTAIN VIEW, Calif. — By its very nature, tax season unleashes a certain amount of angst, but this year may produce a higher level of foreboding due to a slew of data breaches that have imperiled electronic filing of tax returns.

“Tax fraud this year is very prevalent, primarily because of these recent high-profile data breaches,” said Julie Miller, a spokeswoman for Intuit, a Mountain View software maker whose signature products include the TurboTax program. “We are seeing tax refund fraud being driven by identify theft. That has implications for people who use TurboTax online or any online tax preparation.”

Scammers are using Social Security numbers and other information collected in data breaches to steal a person’s identity and file for their tax return. Frequently, the first time that a taxpayer becomes aware that their data has been compromised is after they file their return, are waiting for a refund, and receive a notice from the IRS that somebody has already filed their tax return.

“Going back to at least 2012, tax refund fraud is the biggest category of identify fraud reported to the Federal Trade Commission,” said John Breyault, a vice president with the National Consumers League. “We are very concerned about the connection between identify theft and tax fraud. There is no foolproof way to avoid this. That’s why it’s such a popular crime.”

In 2014, more than 1,500 data breaches led to 1 billion records being compromised worldwide, according to a recent report by Netherlands-based Gemalto, a data security firm. That represented a 49 percent increase in data breaches and a 78 percent increase in the number of records that were lost or stolen worldwide, Gemalto reported in its Breach Level Index for 2014.

“Maybe the worst incident was the huge Anthem data breach,” said Paul Stephens, director of policy and advocacy with the San Diego-based Privacy Rights Clearinghouse, a nonprofit group. “That breach provided sufficient info that anyone could file a tax return for any individual whose data was compromised.”

Potential security issues aren’t stopping most Americans from filing their taxes electronically, though. The IRS said that 86 percent of federal tax returns were filed electronically last year, after steady gains in the past decade: 2005 was the first year the majority of returns were filed online, at 51.1 percent.

With so may Americans e-filing, federal tax authorities have identity theft on their radar screens in a big way, Breyault said, but tax scam crooks have begun to prospect in promising new territory.

“Tax fraud is migrating to state returns,” Breyault said. “It’s like squeezing a balloon. You squeeze harder on one end, and the problems get bigger at the other end.”

Intuit was forced to shut down TurboTax service for almost 24 hours in February — just a day after the Anthem hack was originally reported — when states complained to the company about a large number of fraudulent returns. The company worked with Palo Alto security startup Palantir to develop security procedures to block such filings.

“This year on TurboTax, we have included additional account and security methods, such as multi-factor authentication when you log in,” Miller said. “If you are an existing customer, you will have additional fraud controls in place to protect your information.”

Experts say the hazards posed by tax fraud thieves are acute enough that they urge people to file their returns as early as possible during the tax season, especially if a taxpayer anticipates a refund.

“These thieves are really smart, and really crooked,” said Kevin McCormally, editorial director with Kiplinger’s, a financial publication. “The IRS says that in 2013, it paid out $6 billion in fraudulent returns.”

Fraud activity is pernicious enough that Kiplinger’s has even offered a draconian suggestion to help ward off the tax crooks: Try not
to receive a refund.

“You can fix your withholding so you don’t get a refund,” McCormally said. “It’s better to get your money when you earn it, rather than give it to the IRS interest free.”

Kiplinger offers a calculator on its website so you can craft a guesstimate about how many exemptions to take in order to break even or owe a small amount to the IRS on your income taxes.

The IRS recently convened an industry summit to address the issue of the cyber breaches and launch a system of industry standards and data reporting, a group that included Intuit, Miller said.

“Clearly this will be an ongoing effort to fight tax fraud and continue to evolve our security measures as the bad guys get smarter,” Miller said.

(c)2015 San Jose Mercury News (San Jose, Calif.), Distributed by Tribune Content Agency, LLC

Photo: Laura Gilmore via Flickr

PG&E Natural Gas Operation Honored, But Critics Say Pipeline System Remains Unsafe

PG&E Natural Gas Operation Honored, But Critics Say Pipeline System Remains Unsafe

By George Avalos, The Oakland Tribune

SAN BRUNO, California—PG&E on Tuesday announced it has received two international certifications for being a best-in-class operator of a natural gas system—but San Bruno city officials quickly denounced the certifications, saying the utility continues to operate unsafe gas pipelines in California.

The debate over the safety of PG&E’s system was the latest event in the aftermath of the 2010 natural gas pipeline explosion in San Bruno that killed eight people, injured 66 and destroyed 38 homes.

San Francisco-based PG&E said it received what it called prestigious certifications from Lloyd’s Register, an England-based organization that conducts engineering and operations audits in the utility, energy, rail and maritime industry. PG&E requested the certification and paid for the audit, utility spokeswoman Debbie Felix said Tuesday.

“These certifications are by no means the end, they are part of our process of improvement,” Christopher Johns, president of Pacific Gas & Electric, the utility operation of PG&E, said during a conference call. “We are doing the right work, and we are doing it the right way.”

Lloyd’s Register traveled throughout the 70,000-mile PG&E natural gas system earlier this year and conducted a series of independent audits and interviews as part of the certification process.

“This is not to say PG&E is perfect,” said Peter Glaholm, manager of energy utilities for Lloyd’s Register. “We will continue to push them.”

Despite the certifications, PG&E still is plagued by faulty record-keeping and other deficiencies that pose problems for the utility’s gas system, said Connie Jackson, San Bruno city manager.

“We remain concerned that the natural gas system is not adequately safe and that what happened in San Bruno could potentially happen again,” Jackson said.

The state Public Utilities Commission is considering whether to impose a fine that could top $2 billion to punish PG&E for the negligence that contributed to the fatal explosion. Separately, federal prosecutors seek to convict PG&E on criminal felony charges stemming from the blast.

“We are not going to get into some sort of public debate about the certifications,” Johns said in response to a question from this newspaper. “Obviously the San Bruno event was a tragedy. We are sorry for that. I would hope that we are all focused on how do we make the system as safe as it can be, and to take a look at the work we are doing.”

Photo: Ron Fletcher via Flickr

Want more national news? Sign up for our daily email newsletter!