There are several situations in which identity theft can affect the processing of a tax return. Most involve someone misusing someone’s Social Security number (SSN), which the IRS uses to make sure the filing is accurate and complete and that they get any refund they are due.

It could be a sign of identity theft if a taxpayer receives an IRS notice that:taxes

  • More than one tax return was filed for one tax year, or
  • IRS records indicate a taxpayer received wages from an employer they don’t know.

If someone uses a taxpayer’s SSN to file for a tax refund before the taxpayer does, the IRS may believe the taxpayer has already filed and received their refund. The taxpayer might not know this until they get a letter from the IRS indicating that more than one return was filed for them.

If someone has used a taxpayer’s SSN to get a job, the employer may report that person’s income to the IRS using the taxpayer’s SSN, making it appear to the IRS as if the taxpayer did not report all of their income on their tax return. In that situation, the IRS might send the taxpayer a notice that they appear to have received wages from an employer they don’t know.

If You Suspect Identity Theft – Contact the IRS

If you get a notice from the IRS, respond immediately to the name and number printed on the notice. If you think you have tax issues related to identity theft, let the IRS know as soon as possible, even if you don’t have any evidence that it’s affected your tax return. Contact the IRS Identity Protection Specialized Unit (IPSU) at 1-800-908-4490. The IPSU’s hours are 8:00 am to 8:00 pm (your local time).

Specialists will work with you to get your tax return filed, get you any refund you are due, and protect your account from identity thieves in the future. You can document the identity theft by submitting a police report or the IRS ID Theft Affidavit (Form 14039).

You’ll have to prove your identity with a copy of a valid government-issued identification, like your Social Security card, driver’s license or passport.

We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

After any kind of data breach or hacking event, there are a handful of possibilities for what criminals will do with your stolen information. The outcome typically depends on what types of data they were able to steal, but possibilities include holding it for ransom to prove to a company that they were hacked, using it themselves for identity theft and fraud, or selling your records on the Dark Web to others who would use it.

Considering the heavy emotional and financial toll that identity theft can have on its victims, it’s shocking how little a consumer’s record can sell for on this internet black market. Recent studies have shown just how much money your life is worth to a scammer.

1. Credit card or debit card information – Hackers used to actively seek out credit and debit card numbers, as well as any PIN numbers or security codes associated with those cards. Due to better fraud detection and things like “card not present” transaction alerts from financial institutions, it’s easier than ever to spot criminal use of someone’s card and cancel that account. That could be why card account logins only fetch a few dollars. According to McAfee’s recent findings, a card number with the CVV2 code from the back is worth between $5-$8 dollars, but if it also comes with the bank’s ID number, it could go for $15 online. If the stolen credentials included something called “fullz,” that is, the card owner’s complete information, that would be worth around $30.

2. Online Payment Service Account Information – Whether it’s your own bank account that you can access and use online or a payment service like PayPal, there’s an interesting finding of the value of these stolen logins: the higher your available balance, the more money the criminal pays to purchase it from the original thief. For example, McAfee’s “The Hidden Data Economy” found:

$400-$1000 Balance is worth $20-$50
$1000-$2500 Balance is worth $50-$120
$2500-$5000 Balance is worth $120-$200
$5000-$8000 Balance is worth $200-$300

3. Medical Identities – When people think of identity theft, they tend to overlook their medical identities. This is the information contained in your medical records, such as your name, address, Social Security number, health insurance ID number, prescription medications, or other necessary information. A study by NPR found that a group of ten Medicare numbers will fetch about $4700 online; it’s important to remember that Medicare numbers—unlike most health insurance numbers now—are still currently the member’s Social Security number, which can make the stolen profiles doubly valuable.

But what about a typical case of stolen identities where the victim’s name, address, phone number, birth date, Social Security number, and other details are just thrown onto the black market for someone to steal? They go for about twenty dollars each at the current market prices.

Interestingly, selling a stolen set of “fullz” online isn’t a one-and-done proposition. Once a thief has accessed someone’s complete identity, he can sell the same records to multiple customers. That means the work of recovering from the crime can feel insurmountable; you resolve one issue with a credit card someone opened up in Minnesota only to turn around and get a bill for a medical procedure in Florida. That’s why it’s important to start your recovery process with an identity theft report, and then by reaching out to agencies that can give you clear instructions on what to do next.


If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

What is a Social Networking Site?

Social networking websites are a place for internet users to come together, often in groups sharing common interests in hobbies, religion or politics. These websites may require a minimum amount of personal information in order to join. Profile pages, telling other users about yourself, are another standard. Once you are granted access to a social networking website you can begin to socialize. This socialization may include reading the profile pages of other members and possibly even contacting them.

 

What is Identity Theft?

Identity theft occurs when an imposter gains access to personal identifying information (PII) and uses it for personal gain and exploitation.

HOW IDENTITY THEFT MIGHT HAPPEN THROUGH SOCIAL NETWORKING SITES
Because you must divulge some level of personal information in order to use and fully benefit from social networking sites, the risk of identity theft exists for people who use them. Below are some of the ways that you might put yourself at risk of identity theft:

  • Using low privacy or no privacy settings
  • Accepting invitations to connect from unfamiliar persons or contacts
  • Downloading free applications for use on your profile
  • Giving your password or other account details to people you know
  • Participating in quizzes (e.g. How well do you know me?) which may require you to divulge a lot of personal information
  • Clicking on links that lead you to other websites, even if the link was sent to you by a friend or posted on your friend’s profile
  • Falling for email scams (phishing) that ask you to update your social networking profiles
  • Using no or out-of-date security software to prevent malicious software from being loaded onto your computer and stealing personal information

Here are some examples of how people may become victims of identity theft through social networking sites:

Example 1: A man receives a message from one of his friends which has a link to a funny video, so he clicks on it. The link does not bring up a video. The friend’s profile had been hacked, and now a form of malicious software is being downloaded onto the man’s computer as a result of him clicking the link. This software is designed to open a way for an identity thief to take personal information from the man’s system. It additionally sends a similar email to everybody he is connected with on his profile, asking them to “view the video”. Downloading free applications and software can be sources of this type of malicious software, too.
Example 2: Someone has hacked a woman’s social networking profile to harass her and sabotage her online reputation. They are posting embarrassing photos and rude comments on her profile. These photos and comments appear to be from her and are directed to her network of contacts, when in fact they are not. Although she has used the highest level of privacy settings, she has shared too much information online with others. Someone used her posted information to fraudulently access her profile. Always remember, that even though your profile may be set to “private”, treat everything you post online as public.
Example 3: Cybercriminals sometimes will create a page that looks just like the introductory page to a favorite social networking site. This page will ask you to re-enter your password. These criminals will get you to this page from a link in an email or private message or public post with a link to a fraudulent site. If you are already logged in to a networking site and then asked to log in again, be aware that it is a red flag and it is probably a scam designed to make you divulge a lot of personal information to someone with bad intentions.

HOW TO PROTECT YOURSELF:

  • Use the least amount of information necessary to register for and use the site. Use a nick-name or handle (although this is not possible with certain sites),
  • Create a strong password and change it often. Use a mix of upper and lower case letters, numbers, and characters that are not connected to your personal information (such as birthdates, addresses, last names, etc.).
  • Use the highest level privacy settings that the site allows. Do not accept default settings.
  • Be wise about what you post. Do not announce when you will be leaving town. Other things you should never post publicly: your address, phone number, driver’s license number, social security number (SSN), student ID number and even your home town. Thieves can figure out your social security number by what town you were born in and what year. It’s ok to post what year or how old you are, but with this information combined with where you were born, they can figure out your SSN.
  • Only connect to people you already know and trust. Don’t put too much out there – even those you know could use your information in a way you didn’t intend.
  • Read privacy and security policies closely – know what you’re getting into. Some major social networking sites actually say they will use or sell information about you (not individual data necessarily, but aggregate information based on your personal information and that of others using their site) in order to display advertising or other information they believe might be useful to you.
  • Verify emails and links in emails you supposedly get from your social networking site (e.g. the recent Facebook scam emails that asked customers to re-set their passwords). These are often designed to gain access to your user name, password, and ultimately your personal information.
  • Unclick the privacy settings that display the time stamps of your posts.
  • Install a firewall, reputable anti-spam and anti-virus software to protect your information– and keep it updated!

Be certain of BOTH the source AND content of each file you download! Don’t download an executable program just to “check it out.” If it’s malicious software, the first time you run it, you’re system is already infected! In other words, you need to be sure that you trust not only the person or file server that gave you the file, but also the contents of the file itself.

Beware of hidden file extensions! Windows by default hides the last name extension of a file, so that an innocuous-looking picture file, such as “susie.jpg”, might really be “susie.jpg.exe”, an executable Trojan or other malicious software! To avoid being tricked, unhide those pesky extensions, so you can see them.

Use common sense. When in doubt, don’t open it, download it, add it, or give information you may have doubts about sharing.

There are various types of identity theft, for example, financial, governmental, medical, and criminal. Child identity theft usually involves one or more of these types. Therefore, child identity theft is not a standalone category.

ID theft trends It is important to keep in mind that each case involving a child’s identity requires multiple steps of correction. Furthermore, since the elapsed time between the crime and the moment of discovery may be extended over a period of years, child identity theft cases may be more serious and complex. The age of the victim is often times a factor considered in the mitigation steps, and what actions will be required.

As child identity theft becomes a growing concern for parents, many question why thieves target children’s identities. There are several factors why a child’s identity may be the perfect target. One of those factors is that parents would never think of checking a child’s credit history. Children should not have established credit histories because they are not 18-years-old; therefore, they are not of legal age to enter into a contract. One would never suspect any fraudulent activity. This gives the thieves the perfect cover-up, and certainly the necessary time to commit the crime and exploit the identity. A second factor is the wide open possibilities that the child’s identity represents. It provides a clean and fresh start – in any and every way you look at it. For instance, the Credit Reporting Agencies have no way of verifying whether a Social Security number (SSN) belongs to a minor. Therefore, a credit report is established and associated with the first pieces of personal identifying information received. A child’s identity may also be used for other purposes such as – employment, to receive medical services, or evade law enforcement violations, amongst others.

There is no one way to pinpoint how a child’s identity is stolen. Often times, it may be as a result of thieves creating a “fake” 9-digit number and the number happens to be a legitimate SSN assigned to a child. Another instance may be that thieves figured out the way SSNs were generated before it was even assigned by the Social Security Administration. Furthermore, it may be as a result of a stolen document containing the child’s SSN. Unfortunately, in some cases, the child’s identity may have been stolen by a child’s family member or relative.

Over the past year, child identity theft has been a widely covered topic in the media. With this exposure, the issue has become a growing concern for parents, government entities, credit reporting agencies and legislators alike. A child’s identity represents an opportunity that is surrounded by a combination of circumstances – often favorable to the thief.