Dear Taxpayer: We’ve lost your identity
By Tom Baxter
This year the American taxpayer’s certificate of honor is IRS Form 14039, the Identity Theft Affidavit, which hundreds of thousands of us have been required to file along with a paper copy of our tax returns.
The tax season began with the announcement by the biggest tax software provider, TurboTax, that it was temporarily suspending filing state returns because an unusually high number of fraudulent returns had been detected. It reached a sublime anticlimax last month with the announcement that hackers had stolen the personal information of 104,000 people using the Internal Revenue Service’s own website.
All told, the raid on the federal treasury in the form of fraudulent tax refunds this year is likely to dwarf the 2011 total of $5.2 billion, a figure mentioned by IRS Commission John Koskinen in testimony before the Senate Finance Committee last week.
The IRS hack is said to be a sophisticated operation carried out by the Russian mob. But a huge amount of the money the IRS has been taken for is low-tech, small-time fraud of the garden variety. That’s because, as one story puts it, “It’s oddly simple to claim someone’s tax refund.” Anybody with somebody else’s Social Security number can do it.
As this highly informative infotoon explains, Alabama has become a hotbed for this kind of grab-and-run identity theft. It has a large population — the elderly, prisoners, the mentally ill — of people who don’t routinely file income tax returns, as well as those — like the postman in Montgomery and the lab technician in Dothan who were prosecuted — willing to sell the information they have access to.
The sheer number of scams reported, up and down the food chain, suggests that Koskinen’s eye-popping estimate that 2.7 million taxpayers had their identities stolen last year may fall short.
Compared to the cable-driven furor over conservative groups being denied non-profit status by the IRS, there has been remarkably little heat generated around this run on the national treasury. Only after U.S. Sen. Kelly Ayotte, R-NH, complained about it did the IRS get around, late last month, to agreeing to give taxpayers copies of bogus returns filed in their names.
Koskinen said last week the IRS plans to team with the states and the tax software companies to add new safeguards next year. But you have to wonder how much technological credibility his agency has left. In a report this week, Federal News Radio caught the IRS putting out an RFP for $130 million in contracts for an identity verification system which appears to duplicate one already established for the entire federal government. Behind the scenes in the response to this massive breach, a bureaucratic battle over cyber-turf seems to have broken out.
There are a few relatively low-tech ways, short of the Fair Tax, for the government to fight this alarming problem. One would be to severely restrict sending money out into the void, perhaps by refunding in the form of weekly credits in workers’ paychecks. Another would be to make the tax verification process at least as hard as signing into an online bank account.
In both these cases, it would be the taxpayers who would be delayed or inconvenienced, but something more reality-based than a new computer identity verification system may be necessary to combat this problem.
The simple tax refund scams are just the tip of the iceberg. With information like that hacked from the IRS website, criminals can apply for all kinds of government benefits without being noticed by the credit-tracking services.
“The criminals have started to realize that where the big money is is the government — federal, county and state,” a security consultant told the Washington Post.
Left untended, this could be the Deepwater Horizon of federal dollars.