The past few years, the IRS has fallen victim to hackers stealing information from taxpayers to commit identity theft. Namely, these thieves commit tax refund fraud, which in turn causes problems for taxpayers who try to submit their taxes and find out their refund has already been processed. It can take a significant amount of time and hassle to fix the problem, often to the cost of the taxpayer rather than the thief. The IRS has announced recently it is implementing new programs to battle this identity theft and make it safer for taxpayers across the country to file their taxes.
Fighting Fraudulent Returns
The IRS’ website was victim to a large hack that provided taxpayer information to these fraudsters. The fraudulent filers take the social security numbers and other sensitive data of taxpayers and then file a fake return for them that details a high return. The IRS then sends the money to the criminal, and the taxpayer remains completely unaware until they try to file their return that year.
The agency lost more than $39 million in federal refunds because of this data breach and subsequent fraud. The IRS plans to implement more than 20 new data elements in their tax returns to help prevent these fraudulent returns, according to USA Today. This program is an unprecedented public-private information sharing initiative that will protect data and ensure that taxpayers’ information is safe.
Reviewing Tax Preparation Firms and Software
The initiative does not just affect the IRS and its website; it also changes the way tax preparation firms and software companies submit tax returns. A large portion of the program has tax preparation firms sharing data with the IRS and state tax agencies. There will be a review of the transmission, including looking for repetitive use of the same IP number. It will also look for the computer device identity data link to source the origin of the return and capture metadata to ensure the returns are legitimate. It will also review the amount of time it takes to complete a return, which can help determine if it is mechanically being completed by a computer for fraudulent purposes.
Tax software providers have also agreed to toughen certain safety requirements for users, including passwords to help prevent hackers from gaining access to the information. This will include password requirements for strong passwords, including a minimum of eight characters using special characters, lowercase, uppercase, and both alpha and numeric characters. There will also be three security questions and a lockout feature if there have been a certain number of login attempts.
Numerous industry organizations, including more than 34 state departments of revenue and 20 tax industry members, have already signed an agreement to implement these safeguards to protect taxpayers and prevent fraud that takes away federal revenue. The measures are being put in place despite budget cuts for the agency because identity theft protection is seen as a priority and will remain so moving forward. Hopefully these measures will reduce the number of fraudulent tax filings and protect the taxpayers’ sensitive information so they do not become victims of other types of fraud.