Tuesday, April 15, 2014

Tax fraud hits home

Dumb-cluck IRS lays an egg

Commentary by Bryan Tagas

After electronically filing my 2013 federal income tax return using TurboTax last week, I requested that I be notified as soon as the IRS officially accepted my filing.  Sure enough, about three hours later I got a text message from TurboTax. Unfortunately, the news was not good: “Your Federal Tax Return Rejected – Action Needed!”

“Here’s the problem with your return,” the message continued, “IND-513 – The Spouse SSN in the Return Header must not be equal to the Spouse SSN in another return filed for the same tax year.”  But then there was this hopeful bit: “Don’t worry, we can help.” Well, actually, not.

They can’t help, in fact, because the problem is that my wife is a victim of what’s known as “stolen identity refund fraud.”  Someone somewhere has filed a tax return and, presumably, gotten a nice juicy refund using my wife’s social security number in the process.  When my wife confirmed all of this with the IRS she was told, surprisingly, that she ought to be thankful that the fraudster had only listed her as a spouse and not as the primary filer (no mention, however, of how horrific that particular circumstance might have been).  Oh, and there was another piece of positive news from the IRS: “Fortunately, there is much less tax fraud this year than there was last year!”

We’re already feeling much better about the whole thing.

The IRS was not willing to say, however, whether the person using my wife’s SSN actually
received a refund as a result of the fraudulent filing.  Apparently it is IRS policy not to say.  And that’s probably for a very good reason:  it’s damn embarrassing that the federal government is so lax as to allow perfectly preventable situations like this to occur.

According to press reports, hundreds of millions of dollars are scammed this way each year, probably billions.  Taxpayers should be outraged.  A quick search of the Internet turns up some incredible stories.  In one notorious case, the IRS gave refunds totaling $1.2 million to a woman who filed more than 400 fraudulent electronic tax returns from a single IP address at her home.  She used the illegally obtained Social Security numbers of hundreds of people. Other unbelievable cases are documented at the IRS’s own identity theft tax fraud webpage.

How did my wife and I get caught up in a tax-fraud situation? Well, the story begins with the Roman Catholic Archdiocese of Seattle and its failure to protect the confidential information of its employees, vendors, and volunteers.  Perhaps you’ve read the articles in the local press. My wife volunteers as a once-a-year art instructor for a Catholic elementary school. With good reason, the Archdiocese does a background check on all such volunteers—and it apparently maintains a database that contains the social security numbers, addresses, and other personal information of these individuals.  The Seattle Archdiocese reported last month that its computers had been hacked and it warned current and former employees and volunteers that they should take steps to determine whether they had been victimized.

I dismissed the matter, given that we always file our taxes electronically and I know that the IRS only accepts our returns if the PINs of both my wife and myself are entered correctly and we have accurately reported the exact amount we paid in taxes for the previous tax year.  And there were other possible safeguards that I was aware the IRS could employ to protect us.  Besides, as far as I knew, we actually owed money to the feds for the 2013 tax year, so presumably no one could fraudulently get a refund using our Social Security numbers anyway.  Certainly the IRS was smarter than that!

Unfortunately, I was thinking logically, like the banker I am.  But this is the government, after all.  And apparently when it comes to the IRS, it’s a first-come, first-served world. Whoever submits the first return with a particular SSN locks out anyone who comes later using that same SSN, even when that second person is the legitimate filer!  Now it’s up to us to prove to the IRS that we’re legitimate.  We’ll have to file manually, attach an affidavit claiming identity theft, and wait up to six months for our refund--assuming we qualify for one.

Now anyone who ever tries to change their password or home address on a financial website should expect an email or snail mail confirmation of the change.  That’s just prudent operating procedure.  If fraud has occurred, the victim is immediately put on notice.  The IRS doesn’t work that way, however.  In fact, the IRS takes pride in stating that it NEVER sends emails to taxpayers.  That rule supposedly exists so that no one will ever, therefore, be scammed by someone pretending to be the IRS!  Everyone, of course, knows the IRS doesn’t send emails.  Right?

So no email.  But the IRS could have sent us a letter, and it might have read as follows:

“Dear Taxpayer:  We have accepted your recent tax return, but we noticed the following discrepancies: 1) your refund address or bank account has changed since your last tax filing, 2) you have a different spouse from all your previous tax returns, 3) if you filed electronically your PIN does not match our records and if you filed manually you either did not fill in the PIN box or failed to write in the correct number, and 4) your reported income does not match the W2 and 1099 information for you that was provided to us by third parties for 2013.  However, because your Social Security number is correct, we are preparing to send your tax fund to the new address or bank account you specified. Sincerely, the Internal Revenue Service.”

Inexplicably, we didn’t receive such a letter. Presumably, the IRS was just too busy getting those fraudulent tax refunds processed efficiently.

Anyway, when I told my wife I was going to write a blog posting about our maddening tax-fraud experience, she warned me not to do it: “They’ll audit us for sure,” she said. “No way,” said I.  “The IRS certainly doesn’t take retribution against citizens who exercise their constitutional right to say the agency is incompetent.”

Then I remembered: I was also the one who said that there was no way the IRS would ever accept a tax return from someone else using her Social Security number.
Live and learn?  Me?

Apparently not.


  1. About all you can do now is file before someone else does it for you.

  2. Wow. I volunteer for St. Joseph School -- this is probably my problem too. Can't wait. Saving grace is probably that we OWE the IRS. Maybe the hacker can be on the hook for our tax bill!

  3. you're good to share this, we never think it will hit ourselves, or our neighbors.

  4. You and 100's of others r dealing with the same issue! Bummer

  5. Maybe not the best idea to blow off what the IRS (via the Archdiocese) said to do when the breach became known??

    Following the procedure may have helped and not following it didn't.

  6. When bankers start complaining about incompetence, it's time to call Houston. No offense Brian, I'm just sayin'.


Note: Only a member of this blog may post a comment.