When it comes to filing our tax returns, we all have to put in the time and effort to complete every form accurately and according to the instructions. But even if we do everything by the book, a tax identity thief still may file a fraudulent return in your name. Unfortunately, this happens all too often; in fact, despite having prevented more than 787,000 fraudulent tax returns in 2016, the Internal Revenue Service (IRS) paid out $239 million in “suspect” refunds.
So, what steps should you take if you find yourself a victim of tax identity theft? To help answer this question, consider how cyber criminals obtain your personal information.

How It Happens

Cyber criminals can obtain your personal information in a number of ways, including the following.
• Posing as an IRS representative and procuring information via phone or e-mail
• Sending phishing e-mails
• Stealing your W-2 from your mailbox
• Accessing personal information over non-secure Wi-Fi networks
To fraudulently file taxes, a thief needs your name, Social Security number (SSN), and date of birth. From there, s/he easily can falsify “your” W-2 information in the hopes of claiming a refund. You — the taxpayer — won’t find out about the fraud until you receive notification from the IRS that your real tax return has been rejected. By then, the damage has been done.

Now What?

Once your SSN has been compromised, it cannot be canceled or changed. But what you can do? Take the following steps to protect yourself from the fraudulent use of your SSN going forward.

• Notify Authorities
The faster you take action, the better. In addition to filing a complaint with the Federal Trade Commission and notifying the Social Security Administration, be sure to call the IRS Identity Protection Specialized Unit at 800-908-4490 to report the theft.

• Form 14039
Submit IRS Form 14039 (i.e., the Identify Theft Affidavit), so that the IRS is aware that your future returns may be at risk.

• Use a PIN
Once you’ve been identified by the IRS that you have been an identity theft victim, you can apply for an Identity Protection PIN. This six-digit PIN, provided by the IRS, must be used for your future tax returns in order for them to be accepted.

• Credit Bureaus
Report the fraud to one of the three major credit bureaus (Experian, TransUnion or Equifax), and place an alert on your credit report. When you file a report with one bureau, it is legally required to alert the other two. A fraud alert on your credit report will require potential creditors or lenders to contact you directly and obtain permission before opening a new line of credit.

• Credit Monitoring
With credit monitoring, you’ll be able to keep tabs on your credit report. Credit monitoring services will alert you when a new line of credit is attempted, but they will also monitor existing accounts and notify you of any changes. Many also offer recovery assistance services, monetary and legal assistance, and insurance that covers expert consulting regarding identity theft.

• Look Around
Your situation may run its course and go away for a couple of years. Unfortunately, you are likely to have another issue considering that your SSN is in the hands of at least one identity thief. As such, you must always stay aware.

The Future

As mentioned earlier, credit monitoring will help you keep tabs on your credit. You may also want to file your taxes as soon as possible each year to avoid another fraudulent filing.
Finally, remember that the IRS will never contact you electronically and almost never over the phone. It always communicates via letters sent through the U.S. Postal Service. If you do receive a phone call from someone saying that s/he is from the IRS, hang up and call your local IRS office directly.

Gary S. Williams, CFP, CRPC, AIF, is president and founder of Williams Asset Management, in Columbia. He can be contacted at 410-740-0220, [email protected] and www.WilliamsAssetManagement.com. For information about his book, “The Art of Retirement” (with the foreword by NFL Legend Ronnie Lott), visit www.theartofretirement.org.