Once the decorations are put away and the confetti is swept up, the start of a brand-new year opens up before us. However, among all the goodwill about new beginnings and fresh starts, there is an age-old task waiting for you that is not very pleasant: tax filing.
Somehow, the old year is not over just yet. You have to file the previous year’s returns by April 15, and you might notice that the paperwork starts to trickle in all during the month of January. Do not be tempted to toss it in a drawer or push it aside. Experts have warned that tax filing as soon as you possibly can is a good way to protect your identity and your refund.
Tax return fraud has been a major issue for many years, and it can happen to any taxpayer. The high rate of personally identifiable information that is available for thieves to use, thanks to data breaches or purchasing entire identity records on the Dark Web, contributes to the problem. Essentially, a thief files a fake tax return using your name, Social Security number and other details about you. They have the bogus refund issued to a prepaid debit card, and their work is done. When you attempt to file your own legitimate return, it gets rejected for being a duplicate.
It gets worse. Not only are you out your refund, your information is now associated with this tax return fraud. Even worse, you still have to file your correct return in a timely fashion or face penalties.
Fortunately, you are not powerless to stop a faceless criminal here. The best way to prevent tax return fraud is to simply beat the criminal to it. If you can get your return filed before they do it, yours will be the legitimate return and theirs will be the rejected duplicate.
Of course, you cannot get to tax filing until all of your documentation arrives, and legally that can take until January 31. That is why now is the time to start gathering any paperwork you will need, deciding on how you will prepare (at home with forms or software, or with a professional preparer) and getting ready to check off this important box.
Tax filing early has the added benefit of getting any refunds you are owed that much sooner. Do not put off tax filing as just another hassle or chore. Protect yourself this year by getting it out of the way.
You might also like…
The holidays have past and a new year is upon us. With that, New Year’s resolutions are beginning to surface. Some resolutions might include going to the gym every day, spending less time on social media or creating a budget you can actually stick to next year. While some of those resolutions might be more realistic than others, there are some practical resolutions you can make that will be even more beneficial. And it’s all based on protecting your identity… In 2019, the Identity Theft Resource Center saw the number of data breaches reported continue to rise. In fact, the ITRC has now recorded over 10,000 data breaches since 2005, hitting the mark this past calendar year. 2019 also saw the announcement of large-scale data breaches like Capital One and healthcare providers and insurance companies continue to be one of the hardest-hit targets, thanks to the overwhelming amount of personally identifiable information (PII) they gather. So what is your New Year’s resolution heading into 2020? If you do not have one, or even if you do, consider making some 2020 identity theft New Year’s resolutions to make your personal data as safe as you can. You can protect your privacy through your simple, everyday habits.
Resolution One: Be Aware of What You Post on Social Media and What You Share
If you are connected online through any of the several social media platforms, you need to know how they work and how to keep your information private.
- Enact practices that include not oversharing information and change your settings to private.
- Use different passwords for each social media account.
- Create strong and unique passwords that include two-factor authentication.
Resolution Two: Guard Your Data
One of your 2020 identity theft New Year’s resolutions should include keeping better tabs on your PII. Do not just turn over your Social Security number without asking why they need it and verifying their plans to protect it. A lot of organizations still ask for it simply out of habit. However, your SSN was designed as a tax identification number, and by law is not to be used for everyday identification purposes.
Resolution Three: Know the Latest Scams and Help Others Stay Alert Too
Fraudsters are always trying to find new ways to attack. That is why it is so important for consumers to stay up-to-date on all of the latest scams, fraud attempts and identity theft information. You can check in with the ITRC for the latest information by signing up for the TMI (Too Much Information) Weekly and following the ITRC on Facebook and Twitter. Once you know about the latest threats, you can help spread the word with friends and family.
Resolution Four: Adopt Good Cyber Hygiene Habits
While 2019 was the year of data, 2020 will be the year of privacy. That is one reason why your 2020 identity theft New Year’s resolutions should include good privacy habits. While data breach fatigue is a recognized phenomenon, the flip side is paranoia that makes you want to unplug and go off the grid. Neither is a solution. Rather, the solution is good privacy habits:
- Never clicking or downloading unknown attachments
- Ignoring messages that offer too good to be true deals
- Monitoring your accounts and looking for anything out of the ordinary
- Order your free yearly credit report
Resolution Five: Watch Out Account Hacks from Credential Stuffing
In 2019 we saw numerous data breaches and account hacks from credential stuffing. Disney+ users saw their accounts sold online after hackers were able to infiltrate their accounts and change the passwords to lock users out. Earlier in the year, TurboTax announced a data breach that was caused by credential stuffing. Consumers need to be sure they are consistently changing their usernames and passwords to reduce the risk of credential stuffing and having any accounts hacked. The unfortunate truth is that some identity theft crimes are unpreventable. However, these 2020 identity theft New Year’s resolutions are steps you can take that will reduce your risk of falling victim to identity theft and increase the likelihood of you spotting a problem quickly. The ITRC is always here to help. Call us toll-free at 888.400.5530 or live-chat with one of our advisors.
You might also like…
2019 has come and gone and it is time to jump into the future and look at the 2020 trends for identity theft.
Looking Back at Our 2019 Predictions
First, when we look back at our 2019 predictions, there is one particular prediction that came true. In 2019 we predicted that other states would follow California’s lead and pass their own privacy legislation. New York proposed the New York Privacy Act and, in some ways, it was more potent than California’s law. The exemptions for non-profits and small businesses were gone and the private right of action, the ability for individuals to some companies directly, were included. While it is unknown what the final form or outcome of New York’s legislation will be, it is one of the reasons we think the privacy conversation has finally reached its tipping point.
The Long Road to Privacy
The theme of 2019 was data and 2020’s will end up being privacy. People care about privacy. If you ask anyone on the street if they care about privacy, most will tell you they do. However, when they are presented with real-world scenarios, they usually do not adopt behaviors that would be considered privacy-centric. According to Pew Research, 80 percent of social media users are concerned about their privacy. The study goes on to shed light on why our feelings are so complicated when it comes to privacy. With that being said, these are social media users. They continue to use these platforms for a variety of different reasons, despite all of their concerns. Not very many people would drive their car if something was wrong with it until they fixed it. It would not be 80 percent, that is for sure. Why is it any different with social media users and their accounts? While it might seem nonsensical to compare vehicle safety to privacy, it isn’t. Consumers simply do not think of privacy as a safety issue – even though it is. As a society, we do not value privacy the way it needs to be valued. The good news is that the ITRC believes the 2020 trends around identity theft, data privacy and cybersecurity will include more conversations around the safety issue that is created when we do not fully understand when our privacy is violated, or what that even means. Perhaps 2020 will be the year where we don’t just say we care about our privacy but actually behave in a manner that supports it.
Data Breaches at the Forefront
As in years past, data breaches were also at the forefront in 2019. We saw too many of them as a result of open databases. Best Western recently experienced a data breach from an open database that exposed over 21 million government records. Choice Hotels and Adobe also experienced similar breaches in 2019. It is something that could continue to happen in 2020 because more businesses are moving to cloud-based databases. Many times the security of the database relies on the inherent security settings, which may or may not be robust, rather than custom security settings. We also saw numerous data breaches from credential stuffing in 2019. Some Disney+ users saw their accounts sold online after hackers were able to infiltrate their accounts and change the passwords to lock out account owners before posting the credentials online for others to use or buy. Earlier in the year, it was TurboTax announcing a data breach that was caused by credential stuffing. Consumers need to watch out for data breaches and account hacks from credential stuffing in 2020. They will need to take the steps to protect their privacy (change usernames and passwords, use strong passwords, etc.) for us to see fewer of these types of breaches and lessen their impact. It’s ITRC’s hope that the conversations around privacy issues will help decrease the incidents of data breaches and account hacks based around credential stuffing and grow to be fewer in the years to come.
ITRC is Here For You
Predictions are only an educated guess that are based on previous events and information. Industries, policymakers and the public will have to wait and see how the 2020 trends for identity theft, cybercrime and data privacy play out. Regardless of what happens in 2020, the ITRC will be here, working to fight back against the techniques scammers will be using to commit identity theft and supporting victims through the process of regaining their identities.
You might also like…
As this year winds down, it is important to spend a little time reflecting on the 2019 identity crimes, some of the things that went right in 2019 and the things that did not go as well. This is true for so many subjects, especially identity crime – which includes scams, fraud, data breaches, cybercrime and all of the other types of crimes that go with it.
Fallout from 2018
As in previous years, this past year has been a big one for these kinds of crimes. Tech users are still feeling the aftermath of things like the Facebook/Cambridge Analytica privacy debacle that was uncovered last year; Congress is still at work on what to do about consumer privacy in the social media age. Also, the news that phishing attacks more than doubled last year over the year before had researchers, businesses, lawmakers and consumers alike paying closer attention to the messages they receive.
What Went Right in 2019
Fortunately, new legislation has come along to make our privacy lives a little safer. The General Data Protection Regulation (GDPR) regulations went into effect in Europe last year, for example, and they inflict strict penalties on businesses that gather and store data but let it fall into the wrong hands. New laws in California and Colorado will be taking effect soon, intent on strengthening privacy and consumer choice. Best of all, the awareness of what constitutes these kinds of crimes and how to recognize them is increasing.
Top Security Incidents of 2019
However, this welcome news does not mean that consumers are safe or that hackers are finally giving up. With every new platform, tool or technology, there is even greater potential for new avenues of attack. Healthcare providers and insurance companies continued to be one of the hardest-hit targets this year, thanks to the overwhelming amount of personally identifiable information (PII) they gather. “Accidental exposure” breaches were a common 2019 identity crime for major-name companies, which happens when businesses store huge databases of private information – in an online server then fail to password protect it as an example. Even our entertainment was not safe, as many apps and online gaming portals suffered data breaches that were traced back to reusing passwords on multiple sites.
2019 did not just see a lot of large data breaches, but settlements as well.
In July, Equifax reached a $700 million settlement for harms caused by their data breach. Equifax agreed to spend $425 million to help victims of the breach, leading to lots of discussion on how to file a claim.
While the Equifax settlement was the largest in data breach history to date, Facebook blew it out of the water just two days later, as they were ordered to pay $5 billion. After the settlement, Facebook said it required a “fundamental shift” in Facebook’s approach at every level of the company in terms of their privacy.
A month and a half later a Yahoo data breach settlement was proposed for $117.5 million after over three billion Yahoo accounts were exposed. Identity Theft Resource Center CEO, Eva Velasquez, stated in a media alert that the settlement trend is moving the needle in the right direction for both consumers and victims. However, that was not without its challenges, including putting the onus on the consumer to tell the settlement administrators how they were harmed and provide proof of it.
10,000 Breaches Reported
This past year the Identity Theft Resouce Center also recorded 10,000 publicly-notified data breaches since 2005. As part of the milestone, the ITRC took a look back at some of the top breaches the last 15 years as part of our 10,000 Breaches Later blog series.
Minimizing Future Risks
While data breach fatigue is a recognized phenomenon, one that can occur when consumers are bombarded with constant news about their data being compromised, the flip side is the kind of paranoia that makes you want to unplug and go live off the grid. However, neither of those is the solution. What does work is an awareness of the threat and some good privacy habits to prevent crimes like the 2019 identity crimes:
- Never click a link or download an attachment in an email or message you were not expecting
- Ignore messages that offer amazing deals or threaten you with jail time for not complying
- Remember that gift cards are not legal tender for paying your taxes or paying a fee or fine
- Monitor your accounts and credit report routinely to look for anything out of the ordinary
- Place a freeze on your credit report if you will not be using it anytime soon
- Protect all of your accounts with strong, unique passwords that you change routinely
We’re Here to Help
Remember, you are not responsible for the criminal behaviors of a hacker. However, you can take steps that reduce your risk of becoming a victim and help minimize the damage if the worst does occur. The Identity Theft Resource Center is always here to help. Call us toll-free at 888.400.5530 or live-chat with one of our advisors.
You might also like…
Car safety does not just apply to how you drive. It also applies to what you leave behind. Our vehicles can often feel like a home away from home, especially for busy people with a lot on their plates. At any given time, your car might contain a change of clothes in your gym bag, some snacks or your lunch, a few extra water bottles that were supposed to go in the house and other random supplies that see us through the day.
While there is little harm in leaving some band-aids and spare change in the car, there are certain items that should not be left in a vehicle. Medicines, food, important papers, documents and even your devices should never be unattended, even in a locked vehicle.
Unfortunately, this practice is all-too-common, especially in the connected-everywhere world we live in. Leaving laptops, tablets, smartphones, wallets and even GPS-based devices in your vehicle can have disastrous results if an identity thief helps themselves. Here are some things to do when considering car safety:
All concerns about your identity aside, keeping these kinds of items in your vehicle can be a problem in a collision or other kind of accident. A briefcase or electronic device on your front seat can become a projectile under the wrong conditions. A heavy backpack or briefcase can also trigger the airbag sensor in your car, making a minor accident in which the driver’s airbag deploys even more expensive if the passenger-side airbag goes off needlessly.
Enact car safety and lock up all bags and devices that are not actively part of operating the vehicle. Stow them in the backseat if there are no passengers back there, or put them in the trunk or rear of the vehicle.
Keep It Secure
If your laptop or mobile device is stolen, replacing the expensive device might be the least of your worries. Keep a thief out of your email account, retailers’ apps and social media accounts by passcode protecting your device. After too many failed attempts, the device will become useless and your information will be safe.
Paper or Plastic?
You might think a stack of paper is useless to anyone—except for the employee who is bringing home paperwork to do. However, an identity thief might help themselves to those documents in hopes of stealing personally identifiable information after breaking out a window in your car. Exercise car safety and keep them out of sight where they cannot tempt a potential criminal.
Handbags Are Begging to Be Stolen
The rise of mobile payment apps means that our shopping just got a little more hands-free. The ability to pay with our phones means no more lugging a giant handbag or an overstuffed wallet with us. However, leaving your handbag or wallet in the car is a bad idea, even if it does not contain anything a thief can use. Just seeing it might be enough for someone to break the window and snatch it up, leaving you with a headache and a hefty repair bill.
Heading into the New Year, take a few moments to think about car safety habits that can lead to identity theft and other crimes and those that can help you reduce your risk. Here is wishing an identity-safe holiday season for us all!
You might also like…
The Association of Certified Fraud Examiners (ACFE) and the Identity Theft Resource Center are teaming up for a very important public event on Twitter.
International Fraud Awareness Week Nov 17-23
The two organizations have partnered to help consumers understand what is fraud, how to recognize a potential fraud attempt, and what to do about it.
This year’s week-long event focuses on the theme, “Who Is Responsible For Fraud Prevention?” The very short answer to this complicated question is: All of us! But without the proper tools and awareness, it can be hard to uncover and protect yourself against fraud attempts and related crimes. Whether you’re an industry professional, a public or consumer advocate, a lawmaker or law enforcement professional, or just someone who wants to know how to protect themselves and their privacy, this event is for you.
For more info: https://acfeinsights.squarespace.com/acfe-insights/join-the-acfe-and-itrc-for-a-fraud-week-twitter-chat
Join the #FraudWeekChat on Twitter Nov 20
A Twitter chat is an open conversation on the social media platform that anyone is able to join in. In order to read others’ tweets from the chat or contribute your own, you simply add the specific hashtag to your posts or search for it to read. The hashtag, #fraudweekchat, will allow you to see others’ comments and questions, even if you do not currently follow them on Twitter, while also allowing them to see your remarks.
Anyone who has a vested interest in recognizing and preventing fraud attempts—which really means everyone!—is welcome to participate. Simply log into your Twitter account on Wednesday, November 20, at noon ET / 9 a.m. PT, and be sure to follow both the ACFE (@TheACFE) and the Identity Theft Resource Center (@IDTheftCenter) for up-to-date information all year long. Remember to use the #fraudweekchat hashtag by typing the pound symbol and the words at the end of your tweets. Note: If you raise a question that is unanswered, please repeat it; it may have been overlooked in the high volume of traffic during the chat.
You might also like…
Can you handle this? 👑 🐝
We’re excited to announce that we have switched our social media handles to @IDTheftCenter and we thought we’d drop the news like a Beyoncé album.
You might also like…
Depending on where you live, your chances of becoming a victim of identity theft may increase, according to a new study by WalletHub. The study tracked three different avenues of this kind of crime and ranked each state by its prevalence in those areas. All fifty states and the District of Columbia were then assigned a ranking for each of the three areas, plus a combined overall score.
Top States for Identity Theft
Surprisingly, one of the longstanding frontrunners for identity theft just barely made the top ten. For many years, Florida has been one of the worst states for this crime, both in terms of total numbers of victims and in total the amount of money lost. According to these new findings, Florida is ranked 10th overall.
The factors the team used to come up with their scores included the number of per-capita identity theft complaints, per capita fraud complaints and the amount of money lost to these crimes per capita. When comparing the states with the highest numbers of issues to the states with the lowest numbers, they also discovered the difference between the highest and lowest was often exponential. Some top five states were twice as likely to have incidents as the lowest five. In some categories, the most vulnerable states were even five times as likely to experience this crime as the bottom five states.
The District of Columbia topped the list for the overall combined score. It was followed by California, Nevada, New Hampshire, South Carolina, Delaware, Louisiana, Texas, New York and Florida. Strategically, these states have very little in common in terms of location, population size or even income level. It goes to show that identity theft can be a crime of opportunity and intention rather than targeting.
You might breathe a little easier if you live in Missouri, Maine, Arkansas, Hawaii, Kansas, Oklahoma, West Virginia, Vermont, Wyoming or Kentucky. They ranked numbers 42 to 51, with Kentucky being the least vulnerable for identity theft. However, that does not suggest that residents in those states can let their guards down. It just means that they are less likely to be victimized than residents of other states, and not completely free of this crime.
No matter where you live, though, you can take proactive measures to reduce your risk of identity theft-related attacks. Freezing your credit report, practicing good password security, being mindful of oversharing your personal data and getting a good grasp on how to spot phishing attempts are all excellent ways to work towards a more secure identity.
You might also like…
One of the most baffling forms of identity theft and fraud is synthetic identity theft. This crime occurs when a would-be thief assembles an identity from stolen or assumed parts. It might be a name and birthdate gleaned from a computer record, an address made up on the spot, a Social Security number (SSN) concocted or stolen from a database of unissued numbers and an email address that has not been used in years.
Creating Frankenstein’s Digital Monster
According to the Identity Theft Resource Center, the volume of PII exposed in data breaches increased by 126% between 2017 and 2018 to more than 446 million records exposed. Marketplaces on the dark web then sell these breached records and by piecing it together, these random and disconnected pieces of information come alive to create a whole new non-existent person, one that credit reporting agencies and lenders have never heard of.
Much like Frankenstein’s monster, whose body (and therefore its’ identity )was created from various corpses’ parts, this new identity is out there in the world causing chaos and wreaking havoc, and no one knows how to locate it. Unfortunately, the very mechanism that is supposed to stop fake or erroneous credit applications from going through is the actual method criminals use to make it work.
What Comes Next
Once they have their Frankenstein identity in hand, the criminal begins filling out applications. These initial attempts get rejected because the creature has no credit history. However, filing an application and having it rejected actually creates the credit report.
After those first failed attempts, one of them goes through and the criminal’s fun begins. By using that new line of credit to make purchases, future credit applications get approved more often and faster.
One of the great conundrums about the story of Frankenstein is the ethics of killing a monster that is not really alive. The same is true of synthetic identity theft. How do you punish a criminal who has not actually stolen anyone’s identity? Of course, purchasing goods in a fake name and never paying for them is a crime, but it does not rank with identity theft in many people’s minds.
The Victims of Identity Crimes
There can actually be a victim, though. First, if the SSN the thief created actually matches someone’s legitimate number, that SSN can be tied to the criminal activity. More commonly, the SSN that was stolen from the list of unissued SSNs and used for synthetic identity theft eventually gets issued to a newborn applicant. This child may now have hundreds of thousands of dollars in debt that was accrued before they were ever born. This is one of the reasons why parents are being cautioned to freeze their children’s credit reports until they are adults.
While the reader is eventually led to feel sympathy for Frankenstein’s monster, all of his crimes aside, no one should overlook the damage caused by synthetic identity theft. As noted in the newest whitepaper by the Federal Reserve, “Detecting Synthetic Identity Fraud in the U.S. Payment System,” Auriemma Group estimates that synthetic identity fraud cost U.S. lenders $6 billion and accounted for 20% of credit losses in 2016. Retailers are stolen from, and a real individual could inherit a mess. There is no such thing as a victimless identity theft crime.
You might also like…
GET ID THEFT NEWS
Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center