Identity Fraud

How To Avoid Tax-Related Identity Fraud

Online and virtual identity theft are on the rise and this is the season to be extra vigilant.

Most recently, the United States Postal Service (USPS) revealed that it had suffered a data breach. More than 800,000 employees were impacted in the scheme. CNN, citing a U.S. official familiar with the breach, says 2.9 million postal service customers were also affected by the breach. Potentially compromised customer details include names, addresses, telephone numbers and e-mail addresses.

Sadly, these are no longer isolated cases, but rather a pattern of malicious behavior by bad actors, often facilitated by murky organizations and even hostile countries.

While we always urge extreme caution with any financial aspects of your lives, we would like to take this opportunity to address Identity Theft schemes that, over the last five years, have crept into the annual tax filing process and wreaked havoc on taxpayers and tax practitioners alike. The IRS has reported that the number of tax returns with confirmed identity theft was 597,000 in 2017, and a staggering 883,000 in 2016. Though the individual cases processed by the IRS have declined, the number of phishing scams more than doubled in 2018 vs. 2017. And the scams are getting more and more sophisticated each year.

There are two types of IRS fraud. First is when scammers try to impersonate an IRS agent or officer in an effort to extort money from the victim. Typically, you would get a phone call or an email, purportedly from the IRS saying that you owe taxes and must pay them or else. Of course, most of these are obvious tricks, but sometimes people still get conned, especially when a ruse is set up with enough sophistication. These scammers have been perfecting their trade and what started as Unknown Caller ID VOIP calls and emails in broken English progressed to some very believable emails or calls. These are now frequently facilitated by Americans without a trace of an accent calling from a 202 area code, or emailing from what appear on the surface to be legitimate government email accounts with stolen IRS logos and graphics.

It is worth reiterating that the Internal Revenue Service NEVER communicates by electronic mail, and NEVER initiates contact by telephone. The statutory rules require that all taxpayer contact from the government be initiated by First-Class mail. Additionally, the IRS never attempts to collect its debt through debit cards, Paypal, wire transfers, etc. Procedurally, there would be multiple communications from Internal Revenue, under the Collections Due Process, before a debt can be considered enforceable. And even then, all collections efforts are still undertaken by government mail, not emails or phone calls.

The second type is a tax-related identity theft, which occurs when someone uses your stolen Social Security Number (SSN) to file a tax return claiming a fraudulent refund. You may be unaware that this has happened until you or your CPA tries to e-file your return and discovers that a return already has been filed using your SSN. Or, the IRS may send you a letter saying it has identified a suspicious return using your SSN.

What usually happens is that fraudsters acquire victim’s information (SSN, name and address) on the dark web, usually in bulk. Then they file a victim’s return very early in the tax season, using the correct social and name, but a fake address and fake federal tax credits to claim fraudulent refunds. Sometimes they would request a physical check to be mailed to that fake address, but in some cases, they would set up burner bank accounts for a quick direct deposit. And when the victim tries to file his or her legitimate return with the IRS, the government rejects the filings as “duplicate”.

There have been some enhancements to this taxpayer vulnerability in the last two years. The banks started to cooperate better with the US Treasury and are able to intercept a large number of refunds going to burner accounts.

Additionally, IRS allows residents of most targeted jurisdictions like Florida, Georgia and District of Columbia to request an Identity Protection number (a so called IP PIN). If you are a resident of any of these high-risk states, feel free to contact us about your options.

To summarize, we are urgently promoting extra awareness of tax-related fraud, especially in anticipation of another busy tax season. When in doubt or for assistance with an IP PIN, please call Oleg Ikhelson, Director, Tax Services at PagnatoKarp at 703-468-2730 or email


At PagnatoKarp, our Wealth Management Experience helps streamline your life through high touch sophistication, high tech innovation and True Fiduciary® transparency. Core experiences place your interests first and fuse investments, planning, tax, legal, banking, trust, family and concierge. With over $4.5 billion assets under advisement¹, PagnatoKarp is frequently ranked on top financial advisor lists by Barron’s and Forbes and is a Virginia Best Places to Work². Call 703-468-2700 or email: