In IR-2023-143, the Internal Revenue Service (IRS) and affiliated Security Summit partners warned tax professionals they must recognize the signs of data theft. Tax professionals are a priority target for data identity thieves because they have valuable client data that is very attractive for identity thieves.
IRS Commissioner Danny Werfel noted, "It is important for tax professionals to protect their systems from identity thieves who always look for new methods to steal data. There are practical ways for practitioners to keep on top of the latest trends and signs of data and identity theft."
Tax professionals should know the warning signs their clients may receive.
- Notice of IRS Online Account — An identity thief will create an account for a client without his or her consent. The client then receives notice of the account or that an existing account was improperly accessed.
- Tax Transcript — The client receives a tax transcript that was not requested.
- IRS Tax Balance Due — The client receives a notice claiming to be from the IRS that they owe additional tax. The tax due is different from the amount reported on his or her tax return.
- Unexpected Call or Email — A client responds to an email that claims to have been sent by the tax professional but was actually sent by a fraudster.
- Unexpected Tax Refund — The client has not filed a tax return but receives a large check from the IRS.
There are several red flags related to the business operations of the tax professional.
- Slow Computer or Network Response — The computer network has slowed down. This may be a sign of malware, which would report all computer activity to a fraudster.
- Unexpected Computer Actions — The computer cursor moves on its own or numbers change without any action by the tax professional. It may be discovered that the fraudster has locked files or a computer to prevent access to client data.
- Rejected Tax Return — The IRS informs the tax professional that a return is rejected because it has already been filed using that Social Security Number.
- Unexpected IRS Letter — The client has not filed a tax return but receives an IRS authentication letter that reports a return was filed.
- Multiple e-File Receipts — Normally, the tax professional will receive acknowledgments after e-filing a tax return. If you receive more acknowledgments than returns filed, a fraudster may be involved.
Tax professionals should report any fraud to the local IRS stakeholder liaison. An email should also be sent to the Federation of Tax Administrators at [email protected]
. In addition, clients should obtain an Identity Protection (IP) PIN or complete IRS Form 14039, Identity Theft Affidavit.