Identity Tax Fraud: Protecting Your Tax Refund

< Back to Insights
Insights  <  Identity Tax Fraud: Protecting Your Tax Refund

With 2016 in the rearview mirror, Americans find their tax documents slowly arriving in the mail. Tax compliance is exciting for some, and dreadful for others. Despite differing feelings about taxes, every taxpayer wants to avoid being notified their e-filed tax returns were rejected, on the grounds that another return with their personal information was already received.

Fraudsters around the globe steal people’s identities for financial gains, including filing phony tax returns claiming refunds. Below is a discussion on the status of identity tax fraud in 2017, the personal information at risk, the methods used by fraudsters to steal identities, and the safeguards put in place by authorities.

What Are Fraudsters Up to This Time?

On January 11, the Security Summit released an alert on a new form of phishing, called “email spoofing”, aimed at tax professionals. Email spoofing is when cybercriminals disguise themselves to be trustworthy people or organizations to obtain personal and financial information for malicious reasons. The current scheme is accomplished in a two-step process, and includes the following aspects:

  • The tax professional receives an email soliciting them to file taxes for what appears to be a legitimate sender.
  • When the tax preparer responds to the email, the fraudster sends a second email, which contains an embedded web address, or a PDF attachment with an embedded address, enticing the tax professional to open it thinking it contains a client’s tax documents.
  • In reality, the fraudsters are collecting the tax professional’s email address, password and possibly much more.

Payroll Departments and Human Resources Targeted Again

On January 25, the Security Summit released an alert describing a different email spoof that involves cybercriminals tricking payroll and human resource officials into disclosing employee personal and financial information by claiming to be the Chief Executive Officer. The thieves then proceed to file fraudulent tax returns for refunds with the personal information they have stolen. The Security Summit Alert highlighted the following language found in the emails:

  • “Kindly send me the individual 2016 W-2 and earnings summary for all W-2 of our company staff for a quick review.”
  • “Can you send me the updated list of employees with full details: Name, Social Security Number, Date of Birth, Home Address, and Salary?”
  • “I want you to send me the list of W-2 copy of employees wage and tax statement for 2016, I need them in PDF file type, and you can send it as an attachment. Kindly prepare the lists and email them to me asap.”


In 2015, the Security Summit was formed as a joint effort of the Internal Revenue Service (IRS), state tax agencies, and software providers, to advance the fight against identity theft refund fraud. Some of the safeguards instituted by the Summit partners in 2017 include:

  1. The IRS is partnering with certain payroll service providers to include a new 16-digit verification code on an estimated 50 million W-2s in 2017.
  2. Some states, New York for example, now require driver’s license information as an e-filing requirement, so they may cross reference records and confirm identities.
  3. The PATH Act of 2015, contains provisions which require the Federal Government to hold certain refunds:
  • Starting January 1, 2017, the IRS must hold refunds for ALL taxpayers who claim the Earned Income Tax Credit (EITC) OR the Additional Child Tax Credit (ACTC), until mid-February.
  • This allows the IRS extra time to “prevent revenue loss from identity theft and refund fraud related to fabricated wages and withholdings.”
  • Note that the IRS will hold the entire refund, not just the EITC or ACTC portion.

Typical Warning Signs that Point to Tax Return Identity Theft Include:

  • When the IRS or tax preparer notifies you that more than one tax return was filed using your social security number,
  • You receive a notice regarding owing additional tax,
  • You receive a notice regarding a refund adjustment, or collection action being taken against you, regarding a year you did not file a tax return, and
  • When the IRS records show your tax returns contained wages and other income from employers with which you were not employed.

Final Thoughts to Keep in Mind

Please remember that the IRS DOES NOT initiate any contact with taxpayers by any type of electronic communications (such as email) seeking personal or financial information. The IRS encourages the reporting of suspicious phishing scams by contacting For additional reading, please consider referencing IRS Publication 4524 Security Awareness for Taxpayers.

Disclaimer: Any written tax content, comments, or advice contained in this article is limited to the matters specifically set forth herein. Such content, comments, or advice may be based on tax statutes, regulations, and administrative and judicial interpretations thereof and we have no obligation to update any content, comments or advice for retroactive or prospective changes to such authorities. This communication is not intended to address the potential application of penalties and interest, for which the taxpayer is responsible, that may be imposed for non-compliance with tax law.

Continue the Conversation with Our Team
Get in touch with us.

Contact Us