Are you one of the many Americans who wait until the last minute to file their state and federal taxes? Do you often push the April 15 filing deadline? As the final stretch of tax season comes to a close, many unlucky Americans may find themselves the victims of tax refund fraud.

Stolen identity tax refund fraud takes place when someone willfully and intentionally files a tax return electronically using another person’s identity to fraudulently collect funds, made possible by flaws in the current IRS system. All that is required to file a return electronically is a victim’s date of birth and Social Security number. Additionally, the IRS starts to accept returns on Jan. 1, while companies are not required to send their filing information in until March. The problem remains because the IRS does not compare employer filings to employee filings until the middle of the summer.

How Does the Scam Work?

In order to pull off this type of scam, the fraudster must first get a hold of personally identifiable information (PII) of potential victims. PII includes a victim’s Social Security number and date of birth. With recent health care data breaches, more Americans are at risk of stolen identity tax refund fraud than ever before.

Fraudsters will use stolen PII to file a return in the victim’s name electronically early in the season. By filing it early, the fraudster has a higher chance of receiving the refund before the victim has started to file his or her return information and becomes aware any fraudulent activity has already taken place in his or her name.

Advances in technology such as e-filing systems make for a faster and simpler filing process for everyone — including fraudsters. They simply need a Wi-Fi connection, a laptop and the partial PII of potential victims. Some smartphones even have an app to file tax returns.

A fraudster can submit multiple phony refund filings in a day by simply fabricating a victim’s income, submitting the information electronically and requesting the refund be sent to his or her address or put on a prepaid debit card.

Case Examples of Tax Refund Fraud

A woman and her daughter were arrested in Raleigh, North Carolina, for filing fraudulent returns over a six-year period and pocketing an estimated $1.4 million. According to the Carolina Journal Online, the fraud involved fabricated identities, phony W-2 earnings statements and the listing of dependents who did not exist.

In a much larger case, a 75-year-old man from Fort Lee, New Jersey, was sentenced to 17 months in prison for filing fraudulent returns. According to the U.S. Department of Justice, U.S. Attorneys and the IRS celebrated the takedown of the scheme, which apparently involved the filing of more than 8,000 fraudulent federal returns claiming more than $65 million in fraudulent refunds. The losses to the United States totaled more than $12 million.

What Happens if You Are a Victim?

If you find yourself a victim of stolen identity tax refund fraud, notify the IRS Identity Protection Specialized Unit immediately. You will also need to fill out the IRS Identity Theft Affidavit (Form No. 14039).

Additionally, the IRS recommends victims take the following steps to ensure their safety:

  • Report incidents of identity theft to the Federal Trade Commission.
  • File a report with the local police.
  • Contact the fraud departments of the three major credit bureaus: Equifax, Experian and TransUnion.
  • Close any accounts that have been tampered with or opened fraudulently.

What Is Law Enforcement Doing About It?

The IRS has a skilled team of investigators who are leading the agency’s effort to combat the threat. The IRS has identified flaws in its online e-filing system and is working toward making the necessary changes. According to the FBI, the IRS is continuing to make enhancements in fraud prevention, early detection and victim assistance. Additionally, the FBI is teaming up with the IRS, U.S. Secret Service and banks to follow the money and identify criminal organizations that are engaged in tax refund fraud.

How Can You Prevent Yourself From Becoming a Victim?

While you won’t be able to prevent a large PII breach, you can take the following simple steps to protect yourself:

  • Keep your Social Security card secure at all times. Don’t carry it around in your wallet or leave it in plain sight. Treat your Social Security card as you would any valuable you own.
  • Always keep your financial information protected.
  • Run a credit report on a biannual or annual basis.
  • Protect your computers by keeping your antivirus system up-to-date, using firewalls, changing passwords routinely and not opening suspicious emails.
  • Never provide personal information over the phone nor through mail or email unless you initiated the contact and you are positive you know the person to whom you are providing it.

More from Fraud Protection

Kronos Malware Reemerges with Increased Functionality

The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

How Security Teams Combat Disinformation and Misinformation

“A lie can travel halfway around the world while the truth is still putting on its shoes.” That popular quote is often attributed to Mark Twain. But since we're talking about misinformation and disinformation, you’ll be unsurprised to learn Twain never said that at all. In fact, no one knows who first strung those words together, but the idea that truth spreads slowly while lies spread quickly is at least several hundred years old. The “Twain” quote also serves to…

A View Into Web(View) Attacks in Android

James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware in Android uses overlay techniques to steal victims’ credentials. In 2022, IBM Security Trusteer researchers discovered a new trend in financial mobile malware that targets…

New DOJ Team Focuses on Ransomware and Cryptocurrency Crime

While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address in Munich by Deputy Attorney General Lisa Monaco, new efforts will focus on ransomware and cryptocurrency incidents. This makes sense since the X-Force Threat Intelligence Index 2022 named ransomware as the top attack type in 2021. What exactly is the DOJ doing to improve policing of cryptocurrency and other cyber…