All tax professionals should learn the signs of data theft so they can react quickly to protect clients.
During this summer’s campaign Boost Security Immunity: Fight Against Identity Theft, the IRS and its Security Summit partners remind tax pros to contact the IRS immediately when there’s an identity theft issue. They should also contact insurance or cybersecurity experts to assist them with determining the cause and extent of the loss.
Here are the critical signs of data theft:
- Client e-filed returns rejected because their Social Security number was already used on another return.
- More e-file acknowledgements received than returns the tax pro filed.
- Clients responded to emails the tax pro didn’t send.
- Slow or unexpected computer or network responsiveness such as:
- Software or actions take longer to process than usual
- Computer cursor moves or changes numbers without touching the mouse or keyboard
- Unexpectedly locked out of a network or computer.
Tax pros should watch for warning signs when clients report they’ve received:
- IRS Authentication letters 5071C, 4883C, 5747C even though they haven’t filed a return.
- A refund even though they haven’t filed a return.
- A tax transcript they didn’t request.
- Emails or calls from the tax pro that they didn’t initiate.
- A notice that someone created an IRS online account for the taxpayer without their consent.
- A notice the taxpayer wasn’t expecting that:
- Someone accessed their IRS online account,
- The IRS disabled their online account.
These are just a few common examples. Tax pros should ensure they have the highest security possible.
If a tax pro or their firm thinks they are the victim of data theft, they should immediately:
- Report the theft to their local IRS Stakeholder Liaison
Liaisons will notify IRS Criminal Investigation and others within the agency on the practitioner’s behalf. Speed is critical. If reported quickly, the IRS can take steps to block fraudulent returns in the clients’ names and will assist tax pros through the process.
- Email the Federation of Tax Administrators at firstname.lastname@example.org
Get information on how to report victim information to the states. Most states require that the state attorney general be notified of data breaches. This notification process may involve multiple offices.
Data Theft Information for Tax Professionals
Publication 4557, Safeguarding Taxpayer Data
Small Business Information Security: The Fundamentals
Boost Security Immunity: Fight Against Identity Theft
This article was originally posted on IRS.gov.