Social networking sites are a great way for families and friends to stay in contact with each other. They also provide an open forum for people to speak their mind, talk about issues that are important to them, and share photos and memories with the world. Kids and teens have especially taken to this new way of connecting with people. In 2009, 38% of 12 year olds in the United States were members of at least one social network according to the Pew Research Center’s Internet and American Life Project. Kids love chatting, sharing real time photos, and instant messaging each other.

This is a wonderful tool for kids and teens to use, but there are certain things that must be taken into consideration, the first being the mental and emotional maturity of the user. Most young people don’t understand that what you post online can be seen by everyone, and is online forever. Pictures, comments, etc. can be viewed by anybody you allow access to. The biggest concern most parents have is stalkers and pedophiles who can use the information posted by kids to pinpoint what school they go to, the rout they take to walk home, if they have after school jobs, or if they will be at a particular location unsupervised like at the mall.

The second concern is that most kids don’t understand the long term consequences of what they post. Some users have found their posts used against them years later when they are applying for college and jobs. Comments about a particular college could result in an application to attend being denied. Pictures and comments at parties and social gatherings could cost you a job. Even pictures that a minor child may think are safe to post or share online could result in criminal charges of child pornography and a permanent record as a sex offender.

The last thing kids and teens need to keep in mind is that anything they post online can be accessed and manipulated by others. Cyberbullies have been known to take pictures from legitimate social networking profiles and create a dummy profile. They may doctor the pictures to depict the original person in compromising and embarrassing situations.

When teaching your children safety online it is always important to stress that nothing they post is 100% guaranteed to be private. Parents should be proactive in monitoring what their children post and talk with them if they see anything they deem inappropriate.

A year ago in May, the ITRC posted ITRC Fact Sheet FS 143, which provided an overview of what the IRS was doing to combat identity theft, and help those victims who specifically had IRS issues because of tax problems created by the identity theft. The content of Fact Sheet 143 was provided by the IRS Office of Identity Protection, and this document is definitely a necessary starting point for anyone who has encountered issues with the IRS caused by returns being filed with your SSN, or reports of a work history that do not belong to you.

The IRS established internal procedures in 2009 to give IRS employees guidance on identity theft issues, and provided the IRS business units methods for handling the unique aspects of identity theft cases. Since 2008, the IRS has also provided a specialized identity theft unit as a service to taxpayers who have been victims of identity theft, and wanted to notify the IRS. This unit has a toll free number (1-800-908-4490) and will work with victims to review their taxpayer accounts and history, and provide guidance on what steps to take to mitigate their identity theft case. This unit has handles hundreds of thousands of consumer calls in English and Spanish. Using these methods, the IRS has been able to mark taxpayer accounts when identity theft has been indicated, establish communications with the affected taxpayer, and proactively investigate returns tied to marked accounts to prevent additional fraud on these accounts. In addition, those identified as identity theft victims may now receive an Identity Protection PIN to ensure that only their verified return is processed, and without delay.

So, what’s new?

In a hearing of the Congressional House Committee on Ways and Means on 5/8/2012, the IRS gave testimony that directly answers the question posed by this blog:

“Over the past few years, the IRS has seen a significant increase in refund fraud schemes in general and schemes involving identity theft in particular. Identity theft and the harm that it inflicts on innocent taxpayers is a problem that we take very seriously. The IRS has a comprehensive identity theft strategy comprised of a two-pronged effort, focusing both on fraud prevention and victim assistance.”

In the area of fraud prevention, the IRS noted that in 2011 identity theft screening filters were put in place to detect fraudulent returns before processing. This is a huge task given 100 million returns to process, and the fact that 10 million taxpayers move and 46 million change jobs each year. IRS has now instituted a correspondence with the sender of a flagged return before that return is processed, and is issuing Identity Protection PIN’s to those who are known to be identity theft victims. For the 2012 tax filing season, over 250,000 “IP PINs” were issued.

Prevention of tax fraud using the identity of deceased taxpayers is also being addressed. The IRS is coding deceased accounts that have been used fraudulently to prevent further future misuse, and marking the accounts of recently deceased taxpayers so that future attempt to use the account will be prevented. The IRS is also working with the SSA to shorten the time required to update Death Master File information into IRS records. They are also working with SSA on a potential legislative change which could help reduce the use of the Death Master File as a source for identity theft SSN’s. And, the IRS has developed methods to us information from law enforcement agencies to flag high risk accounts and help block returns that are filed by identity thieves. Altogether, it is apparent that the IRS is putting serious effort into identity theft prevention methods.

The IRS also testified about their efforts to ease the plight of identity theft victims. By the end of this fiscal year, they will have almost 2500 employees dedicated to identity theft work. In addition to the IP PIN program, IRS has dedicated significant training to employees and call center assistors in order to improve their response to identity theft victims. Coupled with a healthy taxpayer outreach and education effort, it appears to ITRC that the IRS is engaging in a serious campaign to reduce identity theft related fraud and provide needed support to victims.

The full testimony can be found here: http://waysandmeans.house.gov/Calendar/EventSingle.aspx?EventID=293593

‘What the IRS is Doing About Tax Fraud’ was written by Rex Davis. Rex is the Director of Operations at the Identity Theft Resource Center.

Late last week we launched a new survey here at the ITRC. This survey is intended to measure how well parents monitor their children’s social media and mobile device usage. There have been many stories in the news lately addressing serious problems with children on the internet. Issues such as bullying, sexting and identity theft have become a daily staple in the media. Questions are once again being asked as to the appropriate age for children to begin using social media and mobile devices. Another important factor being studied in this survey is what role do parents play in their child’s usage of social networks and mobile devices.

Parent surveyWe are trying to analyze these issues in order to find the best answers for parents and children. Parents are seeking knowledgeable advice on how to ensure the safety of their children. Our latest survey aims to do just that. We are hoping to better understand the practices of parents and children in the social media / mobile devices sphere, so that we may develop a set of best practices to recommend to parents and children alike. A successful completion of the survey will give us the data we need to move forward with creating those best practices based on the reality of today’s parenting.

Of course we wanted to give survey takers some incentive for taking the time out of their day to complete our survey. In conjunction with the survey we launched a contest to win one of five $100.00 gift cards. To enter the contest just visit the ITRC’s website and click on the Do You Have Children Who Use Social Media? link or click here to take the survey directly. The contest will run from May 1, 2012 through May 31, 2012. Five $100 prize winners will be announced and contacted on June 1, 2012. The survey results will be released on the ITRC website shortly thereafter.

The long awaited 2012 Child Identity Theft Report by AllClear ID was recently released, and it revealed alarming information regarding children and identity theft. AllClear ID’s conclusive investigation revealed that 10.7% of children were victims of identity theft in 2011 – a .5% increase from the 2011 Child Identity Theft Report. This report is based upon an extensive database scan of actual accounts rather than a survey, and it concluded that 2875 out of 27,000 American children were victims of identity theft.

The analysis of records revealed that 6,273 records or 59% of cases involved the credit bureaus – showing credit problems. The next category revealed 6, 273 records or 22% of cases involved utility accounts, followed by 1,459 records or 14% of cases involving either property assessments, mortgages, foreclosures, or deeds. The next two categories presented 345 records or 3% of cases involved vehicle registrations, and 214 records or 2% of cases involved Driver’s Licenses. Interestingly, one may wonder why the number of records may be higher than the actual number of confirmed child identity theft cases in the report. According to AllClear ID, many of these records involved cases that faced more than one type of identity theft, which drove the number of records up. In addition, many of these child identities were used for what appeared to be multiple different cases of identity theft.

In recent years, the ITRC has seen an increase in cases that involve more than one type of identity theft. These cases become more complex and difficult for the victims to mitigate. Child identity theft is a serious issue because a child’s identity provides the opportunity for different exploits – financial, governmental, criminal, and medical. Although the ITRC tracks child identity theft cases, we do not recognize child identity theft as a standalone type of identity theft because a case of child identity theft will involve one or more of the types of identity theft mentioned above.

In addition, the AllClear ID report states that children under the age of 5 are being heavily targeted. The percentage of victims in this age range is said to have more than doubled compared to that of last year’s study. The logic behind these findings clearly show that criminals are targeting children of this age because they recognize the value of a younger child’s identity – they are likely to get much more time using the identity before discovery. A child’s identity is recognized as a ‘blank slate’ – posing opportunity, potential and long term options. Children’s Social Security numbers are valuable to thieves because the crime can go undetected for years. A child does not begin to use his or her own identity until he or she has reached the age of 18 – the age a young adult applies for his/her first credit card, purchases his first auto, applies for student loans, applies for a job, or gets ready to do all the things adults do. Younger children pose an opportunity for a thief to enjoy the exploits for longer periods of times, all the while creating a devastating impact on the child’s identity and future.

When identity theft strikes, it can be hard to know where to start.

The goal of the following information is to enhance your working relationship with law enforcement and credit investigators. It includes:

  • Why Should I Have To Do Most Of The Original Work?
  • First Steps: Prior To Talking With The Investigator
  • Making Your Report
  • Behind The Scenes
  • Evidence Issues
  • What You Can Do To Help Your Investigator

One of the most common complaints we receive from identity theft victims is that they feel that law enforcement doesn’t care. Many also complain that fraud investigators at banks and credit card companies don’t appear to have the victim’s best interest at heart. It’s possible, but more likely this feeling is related to poor communication and a lack of information.

The tips in this sheet will help you to focus on the pertinent facts.  It will also help you state your case in a way that is most useful to the police and fraud investigators

WHY SHOULD I HAVE TO DO MOST OF THE ORIGINAL WORK?

Fraud crimes involving identity theft are complicated. As one police detective said, the person who knows the facts and details of this case best is YOU. The ability to solve these crimes is usually contained in the details. When one person tells a complicated story, the person hearing the details may only get a rough idea of the situation. This is often what happens when a police officer takes a fraud report from a victim who may not understand which points are the most important to the case and which points are just not relevant at the time. By writing down the details for yourself, you will outline and organize the case in your mind so that you can tell the story clearly.

FIRST STEPS: PRIOR TO TALKING WITH THE INVESTIGATOR

  1. Prior to speaking with an investigator, start a journal so you can record details as they occur (refer to ITRC Fact Sheet 106 – Organizing Your Identity Theft Case).
  2. Rough Draft: Outline the story, in chronological order, exactly the way that you discovered it. Put down anything you think is important. Don’t censor your thoughts. You’ll edit it later. There are certain things that are important to include:
  • How you first discovered the fraud/theft – who told you and under what circumstances.
  • Any clues you may have as to the identity of the imposter – not guesses, but hard facts.
  • Locations where fraudulent applications were signed or submitted (presented in your name). Get exact addresses whenever possible.
  • Locations where the fraudulent activity occurred and/or purchases were made. Be as specific as possible.
  • Exact addresses where goods, services, utilities were delivered in your name.
  • Home addresses and telephone numbers listed on those applications.
  • Names used either as primary or secondary account holders.
  • The entire account number of any accounts that are referenced
  • The full name, address, phone number and date of birth (if you have it) of any suspect referred to in your case.
  • The names of any companies, investigators, or customer service representatives you have contacted about a potential fraud, and their phone numbers, emails, and fax numbers. Include dates and times you spoke to them and a brief summary of the conversation. You should ask each of these people for a letter to include in your file.
  • Photocopies of any letters, account statements, or correspondence you received regarding this case.

Some of the information on this list can only be obtained after you present a copy of the police report to the merchant or credit provider. Get together what you can for the initial report, then supply the additional information as you receive it.

  1. Working draft: Now write a concise narrative, removing any emotional responses (for example, “He was very rude to me on the phone.”). This draft will lengthen as you uncover more information. [click here for Example of Victim Summary or Narrative]
  2. Include your identifying information:
  • First, middle, and last name
  • Any prior names you had that may be involved in the crime
  • Home and business address
  • Home, business, and cell phone numbers

Be ready to provide, but do not record on this document, the following three items:

  • Date of birth (DOB)
  • Driver’s license number
  • Social Security number
  1. NOTE: Some states are “right to report” states, meaning they will take your report of identity theft regardless of if you have proof or not. Check our interactive map to see if your state is a “right to report” state.

MAKING YOUR REPORT

  1. Listen and Participate
  • Call your local law enforcement agency on the non-emergency number. It is very important to state that you are a victim of identity theft (or a victim of criminal impersonation if it is a case of criminal identity theft). Avoid using the word “fraud” as that is a different type of crime. Ask if they have a fraud or identity theft investigation task force who can take your report. If they do, ask to be transferred. If not, ask to speak to an officer or a detective.
    • Some departments will take your report over the phone, some will direct you to an online form, and some will only file an “incident” report (depending on evidence and situation).
  • Be polite and work with the officer. Make sure you explain that you need a report of identity theft so you can clear your name. In many cases, a thief is operating out of a police officer’s jurisdiction and the officer cannot pursue the case themselves. You can, however, request the officer forward the report to the jurisdiction where the crime occurred.
    • If the officer you are speaking with will not file a report, you can request to speak with the Watch Commander on duty. This is the person in charge of that shift of police officers.
    • If you still cannot file a report, show the officer this letter by the Federal Trade Commission to show the officer the importance of the police report.
    • If you are still met with resistance, go to the next closest precinct and try again. Report all officers who refused to assist you to the Attorney General’s office for your state.
  • Obtain a business card or write down the name and phone number of the officer who took your report, and write down the police report number.
  • Request a copy of the report. Ask how much it will cost and how long it will take to be ready.  They may charge you a fee and it can take up to two weeks for an official report to be made available to you.  Follow up as necessary to ensure you have a copy of your report. You may not receive notification when it is ready.
  1. Asking Your Questions – You may have some questions for the investigator once your report is made. These might include:
  • What are the procedures from this point forward?
  • Who is the primary contact for your case?
  • What should you do if you find out more information, or if you get another collection notice? Should you call, email, or mail it to them?
  • How long will it take to get a copy of the police report (or a letter of investigation if you’re contacting a credit card company)?
  • What can I (the victim) be doing in the meantime? Is there something I can do to move things along faster?
  • Is there any action I (the victim) might take that would harm the case?
  • What chance does the law enforcement officer think they have in catching this person? (Although it’s difficult to accept, your focus should initially be on clearing your name rather than getting an arrest.)
  • Can they provide any written documentation you can use to show you are not the imposter (for instance, a letter of clearance)?

BEHIND THE SCENES – WHAT’S TAKING SO LONG?

The handling of your report and case will depend on the available resources of the agency that takes the report. If law enforcement feels that the case is unworkable, then focus on clearing your name.

  • Your case will be referred to a fraud investigator. Depending on caseload size, this might take several days.
  • You will be called and told who will be covering your case. You may be interviewed by phone or asked to come in. If this is not possible due to work or distance, tell them so and try to arrange for an alternate way to gather information.
  • The detective will triage your case by reading the initial report in order to determine the potential for moving forward with the case. Remember, the better you communicate the crime, the better the opportunity for action.
  • As time permits, the detective will start to gather evidence IF they think there is a chance that they can make a case and find the imposter.
  • Your case will be one of many, as detectives rarely work on one case at a time. Your case may stall while they wait for a credit card company to send them the official copy of a fraudulent application, or while they wait for someone from the bank to return a call. Some banks and credit card companies could take several weeks and several reminder calls before sending out requested information.
  • If the detective is required to get a court order to get information, that will take additional time.
  • Your case might also get preempted if a detective is given a new case where the criminal has just been arrested. Many states have laws regarding a “48-hour rule.” This means that the officer has just one day to put together a case to present to the prosecutor on a suspect who has been arrested so the suspect can be arraigned on the charges within the second court day of his arrest. If not, the suspect must be released and cannot be rearrested for the exact same incident at a later date. So those types of cases always have priority.
  • Detectives rarely close an open case. It may seem like nothing is happening but they do remain aware of your case. Sometimes cases may sit for months with no activity, then suddenly the imposter does something foolish and evidence is found to tie them to your case.

EVIDENCE ISSUES

What might seem to you to be clear-cut evidence might not help your case due to various evidence laws. Law enforcement must clearly prove a chain of evidence that connects the crime to the imposter. For a more detailed look at “The Evidence Trail,” please read ITRC Fact Sheet FS 114.

  • “I threw some old checks in the trash. Why won’t you arrest him?” Taking paper from your trash does not prove that this person passed the bad checks. The police must have conclusive proof. Examples include a witness or videotape of the transaction.
  • “The only place I left an application with my middle initial was at the phone company. It must be the employee who took the info.” Again, where is the proof?
  • “The thief used a credit card to get a computer. I know the address it was delivered to.” The police must prove that the person receiving the merchandise committed the crime.
  • “I know the person who took my identity. He stayed at my house a couple of days.” The police must first prove that you didn’t give the suspect permission to take the info and that this “friend” actually committed the crime.
  • A criminal uses your stolen driver’s license. The imposter could claim, “I must have picked this up from the bar instead of my own. I thought it was mine.”

WHAT YOU CAN DO TO HELP YOUR INVESTIGATOR

Once you make your report, it is now the investigator’s case. However, you can ASK how you might help and work with them. This is not their only case, so respect their time and be brief in your phone calls. Get right to the point. Remember, rudeness never works. Identity theft cases are slow and may take months to complete.

  • Contact the detective when you have new evidence, but no more than once a week during the active period of the case.
  • Contact your detective once every 3 – 4 weeks even if you don’t have evidence to share. Do NOT telephone them more frequently than this. Ask about the status of the case.
  • Don’t use law enforcement or investigators as a therapist or a person to dump emotional frustration on.
  • Ask what you can do to help move the case forward. Is there anything they are waiting for? Maybe a call to your fraud contact at the bank or credit card company might help.

SOME FINAL THOUGHTS

As much as we would like them to, most identity theft cases do not end in arrest. Usually, this is not the fault of law enforcement; they are overworked and understaffed. Leads may not pan out, and evidence we thought might be perfect may not legally prove a case. We hope that you’re the case will end in an arrest and conviction, but if it does not, know that you did everything humanly possible. Many detectives face unsolved cases while hoping that sometime, somehow, a new piece of evidence will finally prove to be the imposter’s undoing.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Tax time, whether it’s in April, June, October or December, often puts important personal identifying information at risk for exposure. Your W-2’s, and other IRS reporting forms, include your Social Security Number and, in some cases, financial account information. These numbers can be a gold mine for identity thieves. Your personal information can enable thief to obtain a job, open up new lines of credit, access existing financial accounts or stock portfolios, get welfare, avoid a criminal history and generally create havoc in your life.

The question is: where are those forms kept in your home? Are they lying on a table top or somewhere anyone can see them? Or, are they in a locked box or file cabinet? Many consumers are not aware of the potential threat that these forms represent, and take little notice of the necessary steps which should be taken to secure these items. With this in mind, the ITRC wants to remind consumers and businesses to be careful when handling tax-related documents and information.

Here are some tips on how to minimize the risk of identity theft:

Paper security

Whether it’s in the home or in the office, make sure all tax documents and paperwork are secured in a safe, locked location at all times. Any financial statement or item which contains personal identifying information (PII) should not be left unsecured or visible to others.

Data on the Move

Financial documents don’t belong in a briefcase left unattended in your car. Law enforcement has reported increases in vehicle break-ins to steal items which can be used to commit identity theft. When transferring tax documents between home and the accountant, make sure they are hidden from view, i.e. locked in the trunk, at all times.

Computer Security

If your computer is linked to the internet, be sure to regularly update firewall, anti-virus, and anti-spyware software to protect you from attack. Since many taxpayers now file online, or store financial information on their computers, it is vitally important to install and update these types of security programs. Sensitive documents should be kept on a computer with a password protected log-on. This computer should never be used by children others who might install peer-to-peer software or expose the computer to unrestricted web browsing. These activities often result in security problems within days, if not hours.

E-Filing

While preparing your tax return for filing, make sure to use a strong password to protect the data file. Once your return has been e-filed, burn the file to a CD or flash drive and remove the personal information from your hard drive. Store the CD or flash drive in a lock box or safe. If working with an accountant, you should query them on what measures they take to protect your information.

Mail Theft Awareness

Be sure to retrieve your mail every day. An unlocked mailbox is an open invitation to an identity thief to steal your tax refund or other important documents. When mailing your tax documents, take them directly to the Post Office. Drop them in a box inside the Post Office. If you must use an outside Post Office pickup box, it’s best to drop your mail before the last pick-up of the day. Don’t leave tax documents in an outgoing mail box at work.

Tax Preparers and Personal Privacy

Be selective about who works on your taxes. Investigate tax preparation companies with the Better Business Bureau, especially new or seasonal offices. Ask the preparer how your information will be stored? Will it be encrypted? What computer security software is used? Who has access to this information? Has the person working on your taxes undergone a thorough background screening? How many years have they worked for the company? Do you see personal papers displayed on desks? Trust your impressions. If you feel uncomfortable, or doubt the firm’s commitment to protecting your privacy, take your business elsewhere. The phrase “buyer beware” especially applies to “on-line tax preparers.” Who are these people? What do you know about them? Are they really a company or legitimate accountant or is it a scam to gather Social Security and account information from you? Avoid doing financial business in supermarkets, or other public concession booths, where others may hear or see your transaction. Those mini offices are not soundproof – and criminals have been observed using binoculars or shoulder surfing to gather information. Go some place where you have privacy.

Tax Time Scams

If you receive an email asking for your Social Security Number or financial information, delete it or send it to the FTC at spam@uce.gov for investigation. The IRS does not send emails stating you are being electronically audited or that you are getting a refund. If you have any questions about an email you received from the IRS, or a letter that sounds suspicious, immediately call the IRS Taxpayers Advocates at 877-777-4778.

Document Disposal

Put papers you no longer need through a cross-cut shredder. These include credit card receipts, other papers with Social Security Numbers (i.e. income reporting forms), financial statements, health benefit statements and loan documents. Do not store these documents intending to shred them at some future time. As soon as you determine the document is no longer needed, shred it!

Document Storage

When storing your tax returns and other sensitive financial documents, use a locking file cabinet or even better, a safe. Make sure you know who else has access to this storage.

Employment Identity Theft

Identity theft goes beyond the well-known forms of financial identity theft. Sometimes identity thieves use your identity to get a job, obtain welfare, or medical services. They may be employed and using your Social Security Number – or even your child’s Social Security Number. In these situations, the IRS may send a notice indicating that more than one person is using a Social Security Number, or that you owe taxes. If this happens, immediately contact the IRS Taxpayer Advocates or the Identity Theft Resource Center at 858-693-7935 for assistance.

A recently published consumer report is advocating the general idea that identity theft is a diminishing crime and that most services offered to protect consumers hold little, if any, value. The trouble is, their research in many places is superficial and/or incomplete, and in some places completely irrelevant. It seems as though for a piece regarding the existence of identity theft, the experts who provided opinions on the topics, were not experts in identity theft at all.

All major federal agencies that have anything to do with identity theft have universally said that incidence of identity theft are getting worse, not better. That includes organizations like the FBI, FTC, and DOJ. According to the same Department of Justice study that is cited in questionable pieces includes the statement, “in 2010 about 7% of households in the US (about 8.6 million) had at least one member age 12 or older who had experienced one or more types of identity theft victimization.” While that is a slight decrease from the 2009 number of 7.3%, it should not be overlooked that the overall trend is still very much an upward one.

According to the aforementioned study only 5.5% (about 6.4 million households) experienced this same type of victimization in 2005. It should be noted that 2010 is the first year that any decrease can be seen anywhere in the numbers over the last five years.

Further, the Federal Trade Commission (FTC), the federal agency most responsible for monitoring identity theft activity in the United States, found that identity theft has been the top complaint from consumers in their annual survey for the past eleven years running. These are not merely concerns being expressed mind you. These numbers have nothing to do with subjective fears which can be influenced by paranoia and outside influences, but are actual complaints, i.e. incidents of identity theft being reported.

As the Victim Advisors at the ITRC have dealt with victims of criminal identity theft almost every day for the last ten plus years, we feel somewhat more qualified to talk about this issue from a truly “expert” perspective. Anecdotally, I can tell you that I speak with a victim of criminal identity theft nearly every single day. For something that “doesn’t happen a lot,” it sure happens a lot, and to those who have to go through it, it means a lot to have someone on their side helping them through it.

There are several situations in which identity theft can affect the processing of a tax return. Most involve someone misusing someone’s Social Security number (SSN), which the IRS uses to make sure the filing is accurate and complete and that they get any refund they are due.

It could be a sign of identity theft if a taxpayer receives an IRS notice that:taxes

  • More than one tax return was filed for one tax year, or
  • IRS records indicate a taxpayer received wages from an employer they don’t know.

If someone uses a taxpayer’s SSN to file for a tax refund before the taxpayer does, the IRS may believe the taxpayer has already filed and received their refund. The taxpayer might not know this until they get a letter from the IRS indicating that more than one return was filed for them.

If someone has used a taxpayer’s SSN to get a job, the employer may report that person’s income to the IRS using the taxpayer’s SSN, making it appear to the IRS as if the taxpayer did not report all of their income on their tax return. In that situation, the IRS might send the taxpayer a notice that they appear to have received wages from an employer they don’t know.

If You Suspect Identity Theft – Contact the IRS

If you get a notice from the IRS, respond immediately to the name and number printed on the notice. If you think you have tax issues related to identity theft, let the IRS know as soon as possible, even if you don’t have any evidence that it’s affected your tax return. Contact the IRS Identity Protection Specialized Unit (IPSU) at 1-800-908-4490. The IPSU’s hours are 8:00 am to 8:00 pm (your local time).

Specialists will work with you to get your tax return filed, get you any refund you are due, and protect your account from identity thieves in the future. You can document the identity theft by submitting a police report or the IRS ID Theft Affidavit (Form 14039).

You’ll have to prove your identity with a copy of a valid government-issued identification, like your Social Security card, driver’s license or passport.

We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

After any kind of data breach or hacking event, there are a handful of possibilities for what criminals will do with your stolen information. The outcome typically depends on what types of data they were able to steal, but possibilities include holding it for ransom to prove to a company that they were hacked, using it themselves for identity theft and fraud, or selling your records on the Dark Web to others who would use it.

Considering the heavy emotional and financial toll that identity theft can have on its victims, it’s shocking how little a consumer’s record can sell for on this internet black market. Recent studies have shown just how much money your life is worth to a scammer.

1. Credit card or debit card information – Hackers used to actively seek out credit and debit card numbers, as well as any PIN numbers or security codes associated with those cards. Due to better fraud detection and things like “card not present” transaction alerts from financial institutions, it’s easier than ever to spot criminal use of someone’s card and cancel that account. That could be why card account logins only fetch a few dollars. According to McAfee’s recent findings, a card number with the CVV2 code from the back is worth between $5-$8 dollars, but if it also comes with the bank’s ID number, it could go for $15 online. If the stolen credentials included something called “fullz,” that is, the card owner’s complete information, that would be worth around $30.

2. Online Payment Service Account Information – Whether it’s your own bank account that you can access and use online or a payment service like PayPal, there’s an interesting finding of the value of these stolen logins: the higher your available balance, the more money the criminal pays to purchase it from the original thief. For example, McAfee’s “The Hidden Data Economy” found:

$400-$1000 Balance is worth $20-$50
$1000-$2500 Balance is worth $50-$120
$2500-$5000 Balance is worth $120-$200
$5000-$8000 Balance is worth $200-$300

3. Medical Identities – When people think of identity theft, they tend to overlook their medical identities. This is the information contained in your medical records, such as your name, address, Social Security number, health insurance ID number, prescription medications, or other necessary information. A study by NPR found that a group of ten Medicare numbers will fetch about $4700 online; it’s important to remember that Medicare numbers—unlike most health insurance numbers now—are still currently the member’s Social Security number, which can make the stolen profiles doubly valuable.

But what about a typical case of stolen identities where the victim’s name, address, phone number, birth date, Social Security number, and other details are just thrown onto the black market for someone to steal? They go for about twenty dollars each at the current market prices.

Interestingly, selling a stolen set of “fullz” online isn’t a one-and-done proposition. Once a thief has accessed someone’s complete identity, he can sell the same records to multiple customers. That means the work of recovering from the crime can feel insurmountable; you resolve one issue with a credit card someone opened up in Minnesota only to turn around and get a bill for a medical procedure in Florida. That’s why it’s important to start your recovery process with an identity theft report, and then by reaching out to agencies that can give you clear instructions on what to do next.


If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

What is a Social Networking Site?

Social networking websites are a place for internet users to come together, often in groups sharing common interests in hobbies, religion or politics. These websites may require a minimum amount of personal information in order to join. Profile pages, telling other users about yourself, are another standard. Once you are granted access to a social networking website you can begin to socialize. This socialization may include reading the profile pages of other members and possibly even contacting them.

 

What is Identity Theft?

Identity theft occurs when an imposter gains access to personal identifying information (PII) and uses it for personal gain and exploitation.

HOW IDENTITY THEFT MIGHT HAPPEN THROUGH SOCIAL NETWORKING SITES
Because you must divulge some level of personal information in order to use and fully benefit from social networking sites, the risk of identity theft exists for people who use them. Below are some of the ways that you might put yourself at risk of identity theft:

  • Using low privacy or no privacy settings
  • Accepting invitations to connect from unfamiliar persons or contacts
  • Downloading free applications for use on your profile
  • Giving your password or other account details to people you know
  • Participating in quizzes (e.g. How well do you know me?) which may require you to divulge a lot of personal information
  • Clicking on links that lead you to other websites, even if the link was sent to you by a friend or posted on your friend’s profile
  • Falling for email scams (phishing) that ask you to update your social networking profiles
  • Using no or out-of-date security software to prevent malicious software from being loaded onto your computer and stealing personal information

Here are some examples of how people may become victims of identity theft through social networking sites:

Example 1: A man receives a message from one of his friends which has a link to a funny video, so he clicks on it. The link does not bring up a video. The friend’s profile had been hacked, and now a form of malicious software is being downloaded onto the man’s computer as a result of him clicking the link. This software is designed to open a way for an identity thief to take personal information from the man’s system. It additionally sends a similar email to everybody he is connected with on his profile, asking them to “view the video”. Downloading free applications and software can be sources of this type of malicious software, too.
Example 2: Someone has hacked a woman’s social networking profile to harass her and sabotage her online reputation. They are posting embarrassing photos and rude comments on her profile. These photos and comments appear to be from her and are directed to her network of contacts, when in fact they are not. Although she has used the highest level of privacy settings, she has shared too much information online with others. Someone used her posted information to fraudulently access her profile. Always remember, that even though your profile may be set to “private”, treat everything you post online as public.
Example 3: Cybercriminals sometimes will create a page that looks just like the introductory page to a favorite social networking site. This page will ask you to re-enter your password. These criminals will get you to this page from a link in an email or private message or public post with a link to a fraudulent site. If you are already logged in to a networking site and then asked to log in again, be aware that it is a red flag and it is probably a scam designed to make you divulge a lot of personal information to someone with bad intentions.

HOW TO PROTECT YOURSELF:

  • Use the least amount of information necessary to register for and use the site. Use a nick-name or handle (although this is not possible with certain sites),
  • Create a strong password and change it often. Use a mix of upper and lower case letters, numbers, and characters that are not connected to your personal information (such as birthdates, addresses, last names, etc.).
  • Use the highest level privacy settings that the site allows. Do not accept default settings.
  • Be wise about what you post. Do not announce when you will be leaving town. Other things you should never post publicly: your address, phone number, driver’s license number, social security number (SSN), student ID number and even your home town. Thieves can figure out your social security number by what town you were born in and what year. It’s ok to post what year or how old you are, but with this information combined with where you were born, they can figure out your SSN.
  • Only connect to people you already know and trust. Don’t put too much out there – even those you know could use your information in a way you didn’t intend.
  • Read privacy and security policies closely – know what you’re getting into. Some major social networking sites actually say they will use or sell information about you (not individual data necessarily, but aggregate information based on your personal information and that of others using their site) in order to display advertising or other information they believe might be useful to you.
  • Verify emails and links in emails you supposedly get from your social networking site (e.g. the recent Facebook scam emails that asked customers to re-set their passwords). These are often designed to gain access to your user name, password, and ultimately your personal information.
  • Unclick the privacy settings that display the time stamps of your posts.
  • Install a firewall, reputable anti-spam and anti-virus software to protect your information– and keep it updated!

Be certain of BOTH the source AND content of each file you download! Don’t download an executable program just to “check it out.” If it’s malicious software, the first time you run it, you’re system is already infected! In other words, you need to be sure that you trust not only the person or file server that gave you the file, but also the contents of the file itself.

Beware of hidden file extensions! Windows by default hides the last name extension of a file, so that an innocuous-looking picture file, such as “susie.jpg”, might really be “susie.jpg.exe”, an executable Trojan or other malicious software! To avoid being tricked, unhide those pesky extensions, so you can see them.

Use common sense. When in doubt, don’t open it, download it, add it, or give information you may have doubts about sharing.