Identity Theft

[Terry D EA]

I wish I was writing this for one of my clients. Really I wish I was not writing it at all. Some low life thug or whatever has obtained a credit card in my name. I have spent the afternoon on the phone with the lender who provided the card and all three credit bureaus. I am now heading to the police department to file a police report to upload to the credit bureaus. Just as a precautionary step, I filed an extension for me and my wife. The extension has been accepted. So, breathing a bit better after seeing the acceptance. My question is, if someone would file a tax return using my information after the filing of the extension, I assume the extension would be overwritten which could still hurt me. Or, is there some chance the filing of the extended return has be connected to the extension?? Reaching here I think.

I almost want to file any kind of return and amend later to trump anything that may try to get through. Anyone have any suggestions???

I am told it is a good thing I caught this before anymore attempts. I said well, there are inquiries from other retail stores that have tried but due to the bad credit rating that I now have they apparently were declined. It is unbelievable the one bad mark has tanked my credit score.

[Catherine]

Sympathies, @Terry D - this is the *last* thing you need this time of year!

I had some clients a couple years ago for whom I filed an extension because we were waiting for information from somewhere.  Two months later went to file the return, and could not because someone else had used one of the ssn's for themselves.  I'd file the IRS ID Theft form (14049? - whatever it's number is) pronto.  You would want that protection regardless.  

However - before you file it - log in to e-services and download any reports you can get your hands on.  One problem with the IRS ID Theft form filing is that it cuts of a POA's ability to get reports.  Incredibly stupid, when you think about it - but that's ham-handed bureaucracy for you.

[Yardley CPA]

Sorry to hear about your issues Terry.  That really stinks.  Good luck sorting everything out.  I hope it goes as smoothly as it can go for you. 

[Pacun]

I feel your pain Terry.

2 months ago, I got a letter from a collection agency stating that I owed ATT more than $4K. I called ATT and they told me that they got my social and they requested phones and lines. Once they didn't pay, they took me to collection. They solved that issue but then about a month ago, someone in Arizona (I am in DC) tried to charge something to my Amex, but they didn't charge anything. I check my credit cards and bank everyday and in this case, I called Amex and they cancelled my card and issued me a new one. I became a citizen 10 years ago and I changed my name. They are using my previous name and my social security number. Ironically, ATT didn't share any information with me and I wonder if I could help with the investigation to see if somehow a friend or relative to access to my SS#.

Identity theft is not a joke, so now I enter every W-2 identification code when available and I enter the driver's license number even though my states (DC, MD and VA) don't require it. That is my contribution to help fight identity theft.

I forgot to mention that I checked my three credit reports and the thieves tried ATT, T Mobile and Verizon and I guess the last two companies smelled a rat and didn't approve the accounts. That happened in Jun 2016.

 

 

[NECPA in NEBRASKA]

I am so sorry. I found out from experience that an acceptance of an efiled extension does not stop always mean that another return has not been filed or might be filed. I had a client with an extension accepted, but when we filed the return, the IRS said that one had been filed in February with the wife's SS#. I don't know how that is even possible.

[Pacun]

Extension means nothing. If you don't send a check they are put in a box and they are opened only if you owe taxes when you file in September. When mail was the king, there was one address for extensions with checks and another for extensions by itself, meaning that they don't process those things, the IRS just cashes the check.

[ILLMAS]

@Terry D where they using your SS#?  I have a common name and creditors put all the MAS in my area under my credit report, they never had access to my SS#, but it did mess up my credit but was able to resolve it after 2-3 months.  Call all three credit bureaus and it should be resolved.

[ILLMAS]

I also thought these people where thugs, but actually it's the creditor, they find any fool that has the name of the debtor and they gladly remove everything once you prove you are not the debtor.

[Terry D EA]

Only one credit card was issued. I am assuming they had to use my SS# and other information to get the card. The funny thing is, they used a different address. This was a Walmart CC through Synchrony Bank. I do have a Walmart CC through Synchrony bank that was issued a few years ago that is in excellent standing. When I spoke to the Walmart CC fraud department, they couldn't answer all of my questions just that a different address had been used. I did tell them I thought they had a very sloppy CC processing procedure and asked why they would issue me a card when I already had one. Again, no answers. I have to wait for their fraud department to finish conducting their investigation. Hopefully I will know then. To further substantiate my SS# was used, they located the fraudulent account under my number.

[Terry D EA]

 

19 minutes ago, ILLMAS said:

I also thought these people where thugs, but actually it's the creditor, they find any fool that has the name of the debtor and they gladly remove everything once you prove you are not the debtor.

Well the real question here is how do you prove you're not the debtor??? This has been my concern since this came about. Will the fact a different address was used be enough??? So, what you're saying is that because my first name is spelled differently three times on my credit report that this could be a cause?? Experian has made all of the corrections that will flow to all three bureaus. This stuff scares the crap out of me.

[easytax]

39 minutes ago, Terry D said:

 

Well the real question here is how do you prove you're not the debtor??? This has been my concern since this came about. Will the fact a different address was used be enough??? So, what you're saying is that because my first name is spelled differently three times on my credit report that this could be a cause?? Experian has made all of the corrections that will flow to all three bureaus. This stuff scares the crap out of me.

Terry,

You are looking at that incorrectly....   Do NOT try to prove who you are NOT --- have the issuer PROVE who they gave the card/account/whatever to.     If they can not prove it was you (signatures, ID required at issue, etc.), then they must remove it from your file AND do a written notification to any persons/entities/etc. who they gave bad information to.

To often people "roll-over" when the onus is really on the other party.   Otherwise, "they" are actually violating the different credit reporting rules and consumer protection laws.

If curious, do a Google or Bing check on credit laws (treat it as if you were "collecting" liens or debts for yourself).  There are a myriad of restrictions to avoid. Make the credit bureaus "play by the rules" too -- use them to your advantage.

 

   Apologies -- I do not mean to sound as if telling you what to do (Spouse I sound like that a lot) and I just reread and see the point.   Just meant as hopefully a different guidance possibility.

[SaraEA]

We too have had clients whose extensions were efiled (NOT mailed) and accepted and then their final returns were rejected because of identity theft.  I thought that odd because thieves usually file early in the season and our extensions were filed around April 15.

Last year we had two clients whose iphones stopped working, only to find out crooks had purchased new ones on their accounts and had gotten new numbers.  Both filed identity theft affidavits with IRS and were issued IP PINs.  When one of those clients went to the phone store to inquire, the people there knew exactly what had happened and re-activated their phones.  Apparently they had lots of experience with this problem.

Hats off to the new Security Summit, where IRS and state tax depts and others are working together on ID theft issues.  Recently there was some new email scam that appeared to be from professional boards but was really a phishing attempt.  In the past two days I was alerted to it by IRS, my state, and the local EA chapter.  Good job, Security Summit members.

[jklcpa]

Wow, Terry, I'm really sorry you had this happen, and at the worst time too!  You've already received excellent advice here to not rely on that extension and definitely do contact the IRS.  Also consider putting a freeze on your credit with all of the credit bureaus. It may be inconvenient if you do need to borrow, but it will lock down your credit so that no more accounts can be opened in your name, and it doesn't affect your credit score.

 

[Terry D EA]

Thanks everyone for the replies. I have completed the 14039 and need to get back into e-services to file as  Catherine says. As I said, I filed the extension to see if a return had already been filed. I guess I was hoping for something positive out of filing the extension.

I have already contacted the credit bureaus and put all the fraud alerts possible. My wife and I are discussing the credit freeze. I'm just worried that I may get stuck with this for seven years. It would make perfect logical sense to look at my history and see that every account reported for the last how many years has the same status which is paid as agreed/never late. Then all of a sudden one account out of character. I guess anyone with excellent credit can have a financial fall out. But too many current satisfactory and one bad egg????

The waiting is what is nerve racking. This was reported on my credit in a manner of minutes but will take up to 60 days to be removed if it is actually proven as fraud.

[ILLMAS]

3 hours ago, Terry D said:

 

Well the real question here is how do you prove you're not the debtor??? This has been my concern since this came about. Will the fact a different address was used be enough??? So, what you're saying is that because my first name is spelled differently three times on my credit report that this could be a cause?? Experian has made all of the corrections that will flow to all three bureaus. This stuff scares the crap out of me.

In my case there where two individuals that had similar name like me, I was able to prove to experian that I did to live at XYZ, I had to send a copy of my SS# and if you check your experian report you could see the different SS# and addresses that are tied to your account.  At first I thought it was identty theft, but it's those damm collections agencies who are causing all these problems, hoping it's a case of mistaken identity in your case, good luck.  

[ILLMAS]

See this article 

 

http://articles.latimes.com/2010/dec/19/business/la-fi-perfin-20101219

[FDNY]

Very sorry Terry,  I know first hand how frustrating this can be but you'll get through this fine.   I've had a credit freeze with the three bureaus for years and it is very easy to lift it and put it back on.   I usually only lift it for a day or two for a car lease or anything else.  My credit rating eventually got back to near perfect, all you need is ACH withdrawals for all your bills and it goes back up fast.

Just an FYI, I've had 2 clients down in LA whose credit breach was traced to the Walmart CC with Synchrony bank too.

[Catherine]

11 hours ago, ILLMAS said:

 hoping it's a case of mistaken identity in your case

That happened to me some years ago.  First indication was a call from Crate & Barrel, wanting my current address to send my final paycheck to.  Huh?  Turns out a Kathryn with same surname and same *year* (but *not* month or day) of birth had her information mixed in with mine at all three agencies.  And she had filed a bankruptcy in Texas about two years earlier.... I wrote to all the agencies with all the information, and they fixed the mess.  Fortunately that was not ID theft; just sloppy data entry.

[Terry D EA]

12 hours ago, ILLMAS said:

See this article 

 

http://articles.latimes.com/2010/dec/19/business/la-fi-perfin-20101219

Good article but, I don't think this fits my case. We have never received anything from any debt collectors, never knew the card existed, and have never seen a statement or anything. This cc was used, never paid and shut down by synchrony. I am wondering about the integrity of their employees. Wells Fargo had issues with employees creating fake or fraudulent accounts to meet company required quotas. From FDNY's post, it appears this is nothing new to Walmart.

[Lion EA]

A couple of years ago I filed an extension for our joint return 15 April.  When I finally filed in October, return was rejected because spouse's (mine) SSN had been used.  Mailed in with that five-digit form on top.  (States still e-filed.)  Send that form now.  When you're ready to file, try e-filing; you want the rejection notice to include with your paper file.  Immediately freeze all credit bureaus.  We'd frozen years before when Anthem got hacked and that was hubby's health insurance for our family.  Deal with things (credit card existing in your name) as they arise.  AmEx has their own fraud department and had me sign a form allowing them to pursue.  Unfortunately, no one, police, CC companies, IRS, states, can really provide you with much info.  You can get a heavily redacted copy of any federal tax return filed using your SSN.  Privacy laws don't always help us!  The Federal Trade Commission has some great info and puts out free booklets you can have on hand for your clients (minimum order is like 100, but I ordered and gave away to other preparers; free plus free postage; our tax dollars at work):  FTC.gov/idtheft

Interestingly, I was able to e-file the next year.  My hack came after the IRS had been hacked (e-Services?) and I didn't discover it until their IP PIN service had also been hacked, so I thought I'd be paper filing for the rest of my life.

The down side to my issue was that I was e-filing the last day after all my paying clients.  So, the mailed returns and checks were a day late!  And, even the states were after midnight by the time I figured out I could send them without the fed.  But, we try to owe a small amount, so nothing too bad there.

It's time consuming.  Good luck!

[jasdlm]

I don't have anything useful to add, Terry, but I just wanted to let you know that I'm really sorry this happened to you.

[SaraEA]

4 hours ago, Lion EA said:

Interestingly, I was able to e-file the next year.  My hack came after the IRS had been hacked (e-Services?) and I didn't discover it until their IP PIN service had also been hacked, so I thought I'd be paper filing for the rest of my life.

The IRS was NOT hacked.  The identity thieves had enough info to go into those sites and pass themselves off as the real taxpayers.  Don't forget, many of the crooks are organized criminals with lots of brainpower and money dedicated to ripping people off.  They subscribe to those paid background check websites that list everything in public records about anyone.  I was shocked to read that they pull their victims' credit reports so they know exactly how much your mortgage payment or auto loan is monthly and to whom you pay it.  I thought those reports were only accessible to those with a need to know, but I see they are available to those with the money to purchase.  And they scan social media, where people foolishly share personal info like their pets' names and where they went on their honeymoon.  The ability of the thieves to collect enough personal data to "prove" they are the real person is the reason why the IRS is now using three-factor identification and texting a code.  Although in the case of my clients who had their cell phone accounts compromised, a lot of good that's going to do.

And Terry, don't worry so much about your credit score.  Places like banks and employers and insurance companies all use different ones you'll never see.  And unless you are applying for a loan what difference does it make?  My score went down a bit after we paid off our mortgage.  Gee, we no longer have any debt so that makes us a riskier bet.  Go figure.

[Lion EA]

OK, so the IRS site (e-Services?  Get My Transcript?) was compromised and the IRS notified 100,000 people that their data may have been compromised, but the problem grew to over 600,000 people.  The IRS told us to use their site to obtain an IP PIN so we could e-file, but they had to take down that site before I could.  My point was that I was surprised that I was able to e-file the next year, when the IRS e-newsletters made it sound that that would be impossible without an IP PIN.  I was hoping to make Terry feel a little better and let him know that not everything in his life will change forever due to possible ID theft.

[WITAXLADY]

So sorry to hear also Terry - and the latest - cannot access Fafsa site on IRS  - that is why I am so irritated with all this EIC, CTC, ACTC, AOTC verification - I am and all EA.s, CPA.s already have to follow ethics, etc - why do we have to verify our clients - don't we already??

We should not have to deal with the 8867 form as such - so time consuming!

Put the resources into finding the hackers - not jumping through hoops for this! go after those who offend - the preparers who consistently file fraudulent returns - not us honest ones! - both IRS and other areas!!

[Terry D EA]

20 hours ago, SaraEA said:

The IRS was NOT hacked.  The identity thieves had enough info to go into those sites and pass themselves off as the real taxpayers.  Don't forget, many of the crooks are organized criminals with lots of brainpower and money dedicated to ripping people off.  They subscribe to those paid background check websites that list everything in public records about anyone.  I was shocked to read that they pull their victims' credit reports so they know exactly how much your mortgage payment or auto loan is monthly and to whom you pay it.  I thought those reports were only accessible to those with a need to know, but I see they are available to those with the money to purchase.  And they scan social media, where people foolishly share personal info like their pets' names and where they went on their honeymoon.  The ability of the thieves to collect enough personal data to "prove" they are the real person is the reason why the IRS is now using three-factor identification and texting a code.  Although in the case of my clients who had their cell phone accounts compromised, a lot of good that's going to do.

And Terry, don't worry so much about your credit score.  Places like banks and employers and insurance companies all use different ones you'll never see.  And unless you are applying for a loan what difference does it make?  My score went down a bit after we paid off our mortgage.  Gee, we no longer have any debt so that makes us a riskier bet.  Go figure.

It seems as though there is no logical calculation to the FICO scoring system. As you said, why on earth would your score go down when you paid off a mortgage?? That doesn't make sense. I also think it is crazy for your credit score to drop when you close an account simply because your score is based on available credit. BTW, the criteria for calculating the FICO score is never ending changing all the time.

My big concern is we are planning to refinance the home as well as seek another location for retirement in the next 3 years. If this is not removed from my credit and they find some ridiculous reason why they think I did this, then a 7 year black mark kinda blows my retirement plans. My wife's credit is spotless as well so we are locking hers up too. That may be my saving grace.