IRS Statement on the “Get Transcript” Application
The IRS announced today that criminals used taxpayer-specific data acquired from non-IRS sources to gain unauthorized access to information on approximately 100,000 tax accounts through IRS’ “Get Transcript” application. This data included Social Security information, date of birth and street address.
These third parties gained sufficient information from an outside source before trying to access the IRS site, which allowed them to clear a multi-step authentication process, including several personal verification questions that typically are only known by the taxpayer. The matter is under review by the Treasury Inspector General for Tax Administration as well as the IRS’ Criminal Investigation unit, and the “Get Transcript” application has been shut down temporarily. The IRS will provide free credit monitoring services for the approximately 100,000 taxpayers whose accounts were accessed. In total, the IRS has identified 200,000 total attempts to access data and will be notifying all of these taxpayers about the incident.
As always, the IRS takes the security of taxpayer data extremely seriously, and we are working aggressively to protect affected taxpayers and continue to strengthen our protocols.
The IRS announced today it will be notifying taxpayers after third parties gained unauthorized access to information on about 100,000 accounts through the “Get Transcript” online application.
The IRS determined late last week that unusual activity had taken place on the application, which indicates that unauthorized third parties had access to some accounts on the transcript application. Following an initial review, it appears that access was gained to more than 100,000 accounts through the Get Transcript application.
In this sophisticated effort, third parties succeeded in clearing a multi-step authentication process that required prior personal knowledge about the taxpayer, including Social Security information, date of birth, tax filing status and street address before accessing IRS systems. The multi-layer process also requires an additional step, where applicants must correctly answer several personal identity verification questions that typically are only known by the taxpayer.
The IRS temporarily shut down the Get Transcript application last week after an initial assessment identified questionable attempts were detected on the system in mid-May. The online application will remain disabled until the IRS makes modifications and further strengthens security for it.
The matter is under continuing review by the Treasury Inspector General for Tax Administration and IRS offices, including Criminal Investigation.
The IRS notes this issue does not involve its main computer system that handles tax filing submission; that system remains secure.
On the Get Transcript application, a further review by the IRS identified that these attempts were quite complex in nature and appear to have started in February and ran through mid-May. In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles. During this filing season, taxpayers successfully and safely downloaded a total of approximately 23 million transcripts.
In addition, to disabling the Get Transcript application, the IRS has taken a number of immediate steps to protect taxpayers, including:
- Sending a letter to all of the approximately 200,000 taxpayers whose accounts had attempted unauthorized accesses, notifying them that third parties appear to have had access to taxpayer Social Security numbers and additional personal financial information from a non-IRS source before attempting to access the IRS transcript application. Although half of this group did not actually have their transcript account accessed because the third parties failed the authentication tests, the IRS is still taking an additional protective step to alert taxpayers. That’s because malicious actors acquired sensitive financial information from a source outside the IRS about these households that led to the attempts to access the transcript application.
- Offering free credit monitoring for the approximately 100,000 taxpayers whose Get Transcript accounts were accessed to ensure this information isn’t being used through other financial avenues. Taxpayers will receive specific instructions so they can sign up for the credit monitoring. The IRS emphasizes these outreach letters will not request any personal identification information from taxpayers. In addition, the IRS is marking the underlying taxpayer accounts on our core processing system to flag for potential identity theft to protect taxpayers going forward — both right now and in 2016.
These letters will be mailed out starting later this week and will include additional details for taxpayers about the credit monitoring and other steps. At this time, no action is needed by taxpayers outside these affected groups.
The IRS is continuing to conduct further reviews on those instances where the transcript application was accessed, including how many of these households filed taxes in 2015. It’s possible that some of these transcript accesses were made with an eye toward using them for identity theft for next year’s tax season.
The IRS emphasizes this incident involves one application involving transcripts — it does not involve other IRS systems, such as our core taxpayer accounts or other applications, such as Where’s My Refund.
The IRS will be working aggressively to protect affected taxpayers and strengthen our protocols even further going forward
Issue Number: IRS Tax Tip 2015-20
Inside This Issue
Stay Vigilant Against Bogus IRS Phone Calls and Emails
Tax scams take many different forms. Recently, the most common scams are phone calls and emails from thieves who pretend to be from the IRS. They use the IRS name, logo or a fake website to try to steal your money. They may try to steal your identity too. Here are several tips from the IRS to help you avoid being a victim of these tax scams:
The real IRS will not:
- Initiate contact with you by phone, email, text or social media to ask for your personal or financial information.
- Call you and demand immediate payment. The IRS will not call about taxes you owe without first mailing you a bill.
- Require that you pay your taxes a certain way. For example, telling you to pay with a prepaid debit card.
Be wary if you get a phone call from someone who claims to be from the IRS and demands that you pay immediately. Here are some steps you can take to avoid and stop these scams.
If you don’t owe taxes or have no reason to think that you do:
- Contact the Treasury Inspector General for Tax Administration. Use TIGTA’s “IRS Impersonation Scam Reporting” web page to report the incident.
- You should also report it to the Federal Trade Commission. Use the “FTC Complaint Assistant” on FTC.gov. Please add “IRS Telephone Scam” to the comments of your report.
If you think you may owe taxes:
- Ask for a call back number and an employee badge number.
- Call the IRS at 800-829-1040. IRS employees can help you.
In most cases, an IRS phishing scam is an unsolicited, bogus email that claims to come from the IRS. They often use fake refunds, phony tax bills, or threats of an audit. Some emails link to sham websites that look real. The scammers’ goal is to lure victims to give up their personal and financial information. If they get what they’re after, they use it to steal a victim’s money and their identity.
If you get a ‘phishing’ email, the IRS offers this advice:
- Don’t reply to the message.
- Don’t give out your personal or financial information.
- Forward the email to email@example.com. Then delete it.
- Don’t open any attachments or click on any links. They may have malicious code that will infect your computer.
Stay alert to scams that use the IRS as a lure. More information on how to report phishing or phone scams is available on IRS.gov.
If you found this Tax Tip helpful, please share it through your social media platforms. A great way to get tax information is to use IRS Social Media. You can also subscribe to IRS Tax Tips or any of our e-news subscriptions.
Phone Scams Continue to be Serious Threat, Remain on IRS “Dirty Dozen” List of Tax Scams for the 2015 Filing Season
IR-2015-05, Jan. 22, 2015
WASHINGTON — Aggressive and threatening phone calls by criminals impersonating IRS agents remain near the top of the annual “Dirty Dozen” list of tax scams for the 2015 filing season, the Internal Revenue Service announced today.
The IRS has seen a surge of these phone scams in recent months as scam artists threaten police arrest, deportation, license revocation and other things. The IRS reminds taxpayers to guard against all sorts of con games that arise during any filing season.
“If someone calls unexpectedly claiming to be from the IRS with aggressive threats if you don’t pay immediately, it’s a scam artist calling,” said IRS Commissioner John Koskinen. “The first IRS contact with taxpayers is usually through the mail. Taxpayers have rights, and this is not how we do business.”
The Dirty Dozen is compiled annually by the IRS and lists a variety of common scams taxpayers may encounter any time during the year. Many of these con games peak during filing season as people prepare their tax returns or hire someone to do so. This year for the first time, the IRS will issue the individual Dirty Dozen scams one at a time during the next 12 business days to raise consumer awareness.
Phone scams top the list this year because it has been a persistent and pervasive problem for many taxpayers for many months. Scammers are able to alter caller ID numbers to make it look like the IRS is calling. They use fake names and bogus IRS badge numbers. They often leave “urgent” callback requests. They prey on the most vulnerable people, such as the elderly, newly arrived immigrants and those whose first language is not English. Scammers have been known to impersonate agents from IRS Criminal Investigation as well.
“These criminals try to scare and shock you into providing personal financial information on the spot while you are off guard,” Koskinen said. “Don’t be taken in and don’t engage these people over the phone.”
The Treasury Inspector General for Tax Administration (TIGTA) has received reports of roughly 290,000 contacts since October 2013 and has become aware of nearly 3,000 victims who have collectively paid over $14 million as a result of the scam, in which individuals make unsolicited calls to taxpayers fraudulently claiming to be IRS officials and demanding that they send them cash via prepaid debit cards.
As telephone scams continue across the country, the IRS recently put out a new YouTube video with a renewed warning to taxpayers not to be fooled by imposters posing as tax agency representatives. The new Tax Scams video describes some basic tips to help protect taxpayers from tax scams.
These callers may demand money or may say you have a refund due and try to trick you into sharing private information. These con artists can sound convincing when they call. They may know a lot about you.
The IRS reminds people that they can know pretty easily when a supposed IRS caller is a fake. Here are five things the scammers often do but the IRS will not do. Any one of these five things is a tell-tale sign of a scam.
The IRS will never:
Call to demand immediate payment, nor will the agency call about taxes owed without first having mailed you a bill.
Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
Require you to use a specific payment method for your taxes, such as a prepaid debit card.
Ask for credit or debit card numbers over the phone.
Threaten to bring in local police or other law-enforcement groups to have you arrested for not paying.
If you get a phone call from someone claiming to be from the IRS and asking for money, here’s what you should do:
If you know you owe taxes or think you might owe, call the IRS at 1-800-829-1040. The IRS workers can help you with a payment issue.
If you know you don’t owe taxes or have no reason to believe that you do, report the incident to the TIGTA at 1-800-366-4484 or at www.tigta.gov.
If you’ve been targeted by this scam, also contact the Federal Trade Commission and use their “FTC Complaint Assistant” at FTC.gov. Please add “IRS Telephone Scam” to the comments of your complaint.
Remember, too, the IRS does not use email, text messages or any social media to discuss your personal tax issue involving bills or refunds. For more information on reporting tax scams, go to www.irs.gov and type “scam” in the search box.
Additional information about tax scams is available on IRS social media sites, including YouTube http://www.youtube.com/irsvideos and Tumblr http://internalrevenueservice.tumblr.com, where people can search “scam” to find all the scam-related posts.
Organizers are being mailed/emailed the week of January 5.
Please let us know if you have not received your organizer by January 15.
If you need to change your appointment, you can call us, email us, or use the Contact Us form on the website!
See you soon!
Senate Passes One-Year Tax Extenders Package, President to Sign
Posted on 12/17/2014 by Cch
The Senate on December 16 approved, by a vote of 76 to 16, the Tax Increase Prevention Act of 2014(HR 5771), which retroactively extends for one-year some 54 expired tax provisions and makes technical corrections to existing tax laws.
The Act, which is estimated to cost $44.7 billion over 10 years, extends the currently-expired incentives through 2014.
Outgoing Senate Finance Committee Chairman Ron Wyden, D-Ore., assailed the last-minute passage of a one-year bill, saying that the current tax code is “utterly broken.” He also pointed out that, because the bill is retroactive to 2014, it is, in reality, a two-week extension of the tax provisions. “Here’s my bottom line: Retroactive tax bills like the one before the Senate tonight may satisfy Congress, but they leave workers, families and businesses wanting. It’s time for Congress to do the hard work of tax reform,” said Wyden.
The package includes provisions that would extend for one year retroactively to January 1, 2014, the optional sales tax deduction (in lieu of state and local income taxes), the above-the-line higher education deduction, the exclusion of income from mortgage debt cancellation on a principal residence and the above-the-line classroom expense deduction, among others for individuals. For businesses, the new law will provide one-year retroactive extensions for the research tax credit, 50-percent bonus depreciation, enhanced Code Sec. 179 expensing (including cost recovery for qualified leasehold improvements, retail improvements and restaurant property), the New Markets Tax Credit and the Work Opportunity Tax Credit, in addition to the one-year extension of over 20 other tax breaks.
The Act also allows multiemployer pension plans to take an additional five years to amortize funding shortfalls and extends special rules for three categories of severely underfunded multiemployer pension plans. Along with the extenders, the measure includes the House-approved ABLE Bill, which creates tax-exempt accounts for use by individuals to pay qualified disability expenses. These include the costs of education and personal support.
Among its revenue raisers, the ABLE Bill indexes for inflation certain civil tax penalties. It also allows certain professional employer organizations to become solely responsible for the customer’s employment taxes, excludes dividends received from a foreign subsidiary from the additional 20-percent tax on personal holding company income and makes changes to Medicare. In contrast, the extenders portion of HR 5771 contains no revenue offsets.