Archive for January, 2016

Gyft Co-Founder’s new venture Civic to tackle identity theft

Sunday, January 31st, 2016

A co-founder and former CEO of digital gift card platform Gyft is preparing a new startup for its expected spring launch.

Civic will address consumer identity theft and online identity fraud, Vinny Lingham said.

“Consumers need better control of their personal information and their digital identities. Civic will deliver a beautiful secure consumer experience to solve this problem.”

Vinny Lingham

Vinny Lingham

“We believe that consumers should never have to pay to protect their identity from misuse and that’s why we will be offering free identity protection for life when we launch in Spring 2016.”

A South African native now based in Silicon Valley, Mr. Lingham also founded and served as CEO of website builder Yola and digital marketing firm Clicks2Customers. He is a board member of the Bitcoin Foundation and is a star of Dragon’s Den, the South African version of Shark Tank.

Civic also closed a $2.75 million seed round led by early stage fin-tech investment fund Social Leverage, whose founding partner Howard Lindzon joins Civic’s board. Ashton Kutcher’s Sound Ventures was one of several additional participants.

Article source:

Technorati Tags: ,

Sheriff’s Office Looking for Identity Theft Suspect

Sunday, January 31st, 2016


Law enforcement officials released surveillance video showing a suspect exiting a Camarillo Target store after purchasing merchandise, which they say was done with a stolen credit card.

In early January, a resident near Ojai reported being a victim of mail theft. A Costco American Express credit card was included in the stolen mail.

After an investigation, authorities found out that the stolen credit card was used at various locations throughout Ventura, Oxnard and Camarillo.

The Ventura County Sheriff’s Office is asking for the public’s help to identify the suspect in the surveillance video. Anyone with information regarding this investigation may call Detective Will Hollowell at 805-947-8083.

Article source:

Technorati Tags: ,

Michelle Singletary: Untangling ID theft is taxing

Sunday, January 31st, 2016

Posted Jan. 30, 2016 at 8:00 PM

Article source:

Technorati Tags: ,

Here’s Why Identity Theft Can Be Far Worse Than You Might Imagine

Sunday, January 31st, 2016

Photo Credit: frank_peters/Shutterstock

The following is an excerpt from the new book Swiped by Adam Levin (Public Affairs, 2015):

No one ever thinks they are going to be targeted by hackers looking for that big score. I call it “The Other Guy” syndrome. But, of course, to everyone in the world except you, you’re The Other Guy.

So what should you do?

I call my strategy the Three Ms:

1.      Minimize your exposure

2.      Monitor your accounts

3.      Manage the damage

It sounds simple, but I promise if you do these three things, your life will be a lot less painful when the inevitable happens and you get got.

Minimize Your Exposure

This is probably the most familiar of the Three Ms. Don’t share too much information with folks you don’t know—whether in person, on the phone, or online via social media. Make sure that you set long and strong passwords; properly secure all computers, smartphones, and tablets used by you and your family; use two-factor authentication where possible; and shred sensitive documents. This is a good start.

In fact, my friends at the nonprofit Identity Theft Resource Center (ITRC) in San Diego, California, a wonderful volunteer organization that has helped tens of thousands of victims deal with the nightmare of identity theft and educated millions more, start with a similar set of protocols. They call it SHRED:

•      Strengthen passwords

•      Handle PII with care

•      Read credit reports annually

•      Empty your purse/wallet

•      Discuss these tips with friends

I encourage you to do all of these things. But you also need to see the big picture. So here’s the task entire: Change the way you think about identity theft and your personally identifiable information. Minimizing your exposure to identity theft in large part is a matter of educating yourself about the many dangers out there.

The result will be gradual but unmistakable.

You will naturally become infinitely more vigilant. You will learn what happens when you overshare on social media. You will be careful about who you tell what and why. You will think in terms of what could happen before you dive for what you want to have happen in the moment. You will not let down your guard.

There are of course a number of companies out there that say they can protect you, but if you listen closely, none of them say they can prevent identity theft. Over the years, several have tried to persuade consumers that they can prevent it altogether. But the Federal Trade Commission (FTC) wasn’t buying any of that. Nor was the Consumer Federation of America (CFA). Because the fact of the matter is that they can’t. If you find yourself tempted by an offer from a company that promises to prevent identity theft from happening to you, don’t take the plunge. No reputable company will ever make such representations. For a treasure trove of information about how to intelligently choose an identity theft services provider, go to the CFA-sponsored site:

Monitor Your Accounts

Once you’re in the habit of minimizing your exposure, the name of the game is vigilance. First, you need to check your credit. Once a year, you can get a copy of your credit reports from each of the three major credit reporting agencies, for no fee, at

Next, enroll in transactional notification programs. You will find that they may be offered for free through your bank, credit union, and credit card issuers. Alternately, you can subscribe to various credit and fraud monitoring services that will inform you of any changes to your credit report—like new accounts or inquiries that might indicate someone is trying to open a fraudulent account in your name. Depending on the service you select, you can set your security protocols so tightly that a new line of credit cannot be opened at all because no one, including you, can gain access, or you can set it up so there can be no green light until you receive and respond to an instant or slightly delayed alert that someone has tried to create a new account. Alternately, you can set the alert loosely so that you simply receive notice when activity in excess of a preset dollar amount occurs in any of your existing financial accounts.

It may seem like a nuisance to field an email or text or app notification every time you buy something with your credit or debit card, but you’ll be glad you activated those notifications the day you get one about a purchase you didn’t make or the creation of an account for which you never applied.

Fraud alerts are another option to consider.

The three reporting agencies offer initial fraud alert services, extended fraud alerts, and active duty military alerts. If you already subscribe to a credit monitoring service, fraud alerts may be an inexpensive add-on. There are also services that allow you to monitor your children’s Social Security numbers for signs of identity theft.

A credit freeze is a more comprehensive shield, but it is more cumbersome than a fraud alert, and it’s still not fail-safe. Once activated, no one—including you—can access your credit for the purpose of opening new accounts. To allow access, you must use a special PIN (or password) to thaw the freeze. To initiate a freeze, you must sign up with all three bureaus individually, and there are costs associated with both freezing and thawing accounts unless you are a senior citizen or an identity theft victim. Unfortunately, the freeze doesn’t stop people from taking over your existing accounts. It doesn’t prevent criminals from committing tax fraud, child identity theft, medical identity theft, or criminal identity theft. And it can be worked around by presenting two forms of ID and a utility bill, as well as completely eliminated by an identity thief who has gained access to all of your PII and the ability to decipher your PIN or password.

Manage the Damage

So, how bad will it be if or when your identity is stolen? In many cases, far worse than you can imagine, because identity thieves do the unimaginable. This is why it is very important to pick a reputable company that offers a range of high-touch services. The good news here is that you may discover that an organization with which you already have a relationship—perhaps your insurance carrier, financial services provider, or employer—offers a product or provides access to a professional service that will help you navigate the rocky shoals of whatever identity-related issue you are facing. Check to see if any company or institution with which you are doing business can provide you with identity theft resolution or identity management products and services, since it may cost you little or nothing, and you may even find out that you are already under their protection. While peace of mind is worth a great deal, it’s even nicer when it comes free of charge.

The key to properly practicing the Three Ms is engagement. Your only hope of quickly detecting victimization and effectively containing the nightmare of identity theft is to stay engaged and invested in the process. And, beyond question, it is a process that must be practiced daily. (That means you really have to do it.) The goal of a shred-a-thon is peace of mind, but a false sense of security is in no one’s best interest. Real peace of mind comes with real knowledge and concrete action.

Here are a few practical steps you can take to make each of the Three Ms happen for yourself.

Minimize Your Exposure

The most important step you can take is to be proactive about your own security, rather than waiting until it’s breached. Some specific steps include the following:

•      Never carry your Social Security card, or those of your children, in your purse or your wallet.

•      Never carry your Medicare card if you can avoid it. If you must, make a copy, redact all numbers but the last four, and black out the letter. If the medical provider asks for your number, provide it.

•      Limit the amount of credit and debit cards you carry and keep a list of all payment cards and toll-free numbers for the issuers in a safe place. Also, always have at least one credit and one debit card in reserve so that you can use them while waiting for replacements to arrive.

•      Make sure all the computers in your home have the latest antivirus and malware protection programs and that the security software is updated regularly. (It is best if they do automatic updates.)

•      Secure your smart phones with PINs that are not easily decipherable, use long and strong passwords on every account, and never save a user ID or password in any app on any device.

•      Never share user IDs or passwords over email, social networks, or other digital accounts.

•      Create a special email account for online shopping and the aggregation of receipts.

•      Talk to your family about the need for security. Make sure everyone is acquainted with common modes of attack: phishing and spearphishing emails, vishing and smishing (all of these terms are explained in Appendix 2 at the end of this book), plus the various kinds of malware out there and the perils of oversharing on social media sites. Get them in the habit of securing or turning off devices that aren’t being used.

•      Limit access to sensitive information and accounts to the adults who handle them, and, if at all possible, only access these files and accounts on a computer that is password protected and “off-limits” to the rest of the household.

•      Never authenticate yourself to anyone who contacts you in person, by phone, or online and asks you to confirm that you are you. Only provide authentication information if you have initiated the contact and they need to verify your identity for your protection.

•      When dealing with a social networking environment, set privacy controls tightly and be aware that privacy policies change frequently, requiring you to constantly review terms and conditions and adjust your privacy settings accordingly. Never take quizzes online, because the customary information gathered could well be answers to security questions that prove who you are. Do not overshare information with people who may well not be your friends but rather cyber cat burglars who are looking to steal your PII and then exploit it for their gain.

•      Every time you buy an electronic device or appliance for your home that will be connected by router or Wi-Fi to the Internet, read the disclosures, follow the instructions, and change the default password to a long and strong one of your choosing.

•      Enroll in, or activate, two-factor authentication everywhere you can.

•      Make sure you have the right physical security for your home or business.

•      Securely store all documents containing personal identifying information and shred them when you no longer need them.

•      Always make sure to destroy any documents or hard drives you no longer use.

•      Check yourself. Are you are as safe as you think you are? Security measures that were good enough last week may no longer do the trick.

Monitor Your Security

•      Sign up for transactional monitoring programs offered by your bank, credit union, and credit card company.

•      Check to see if any of the insurance carrier or financial services institutions you do business with offers free or discounted access to monitoring services, and if so, use them.

•      Check your credit report at least once a year. At you are entitled to one free copy from each of the three national credit reporting agencies (Experian, Equifax, and TransUnion). While many people get all three at once, others get one every four months so that they can see three different snapshots of their credit during the year. Consider paying for access to a monthly (or more frequently updated) report from one or all three of the credit reporting agencies.

•      Enroll in programs that allow you to access your credit scores at least every thirty days.

•      Consider purchasing more sophisticated and robust credit and fraud monitoring services. You should look in particular for those organizations that offer identity theft recovery services as well as monitoring. Always read the details of any monitoring offer to make sure you fully understand what you are buying.

•      Check your bank accounts daily.

•      Check your credit accounts daily.

Manage the Damage

Have a plan before you have an issue. This may include the following:

•      Keep a list of companies, credit accounts, bank accounts, and other places you do business with so that if you are victimized you have a reference sheet to use.

•      Contact your insurance agent or financial institution to see if they offer cyber liability or identity protection coverage, or an identity theft damage control program. You may be pleasantly surprised to learn that you are already protected. If not, find out what, if anything, they offer; what you need to do to enroll; whether it is free; and, if not, what the cost is.

•      The alternative is to do everything yourself. It requires enormous discipline and nerves of steel. It is time consuming, emotionally draining, and may not yield the desired result. The practical issue is that with identity theft, even in our more enlightened state, the victim quickly discovers that he or she is guilty until proven innocent.

Levin is former Director New Jersey Division of Consumer Affairs; founder of and Identity Theft 911.

Article source:

Technorati Tags: ,

What the IRS isn’t telling you about identity theft

Sunday, January 31st, 2016

By now, we all know that income tax identity theft is a major problem.  According to the General Accountability Office (GAO), the IRS paid out 5.8 billion dollars in bogus refunds to identity thieves for the tax year 2013 and, according to the GAO the real figure is probably significantly higher because of the difficulty of knowing how much income tax fraud remains undetected.
But it is not as bad as you think.  It is worse.

If you are the victim of income tax identity theft, it still takes an average of 278 days to resolve your claim and get your refund although the IRS routinely tells taxpayers that they can expect their claims to be resolved within a still too long 180 days.

Meanwhile, the Treasury Inspector General for Tax Administration  (TIGTA)is warning taxpayers to be on “high alert” for scammers posing as IRS agents who call unsuspecting taxpayers and threaten them  with heavy fines and even jail time if they do not immediately pay these scammers the demanded money.  According to TIGTA, it has received approximately 896,000 complaints since October 2013 of these phone calls and knows of at least 5,000 victims who have paid more than 28.5 million dollars to the scammers.
So what has been the response of Congress?

In its infinite wisdom, Congress has passed legislation that requires the IRS to hire private collection agencies to go after taxpayers who owe money to the IRS.  So after years of the IRS telling taxpayers that the IRS does not initiate contact with taxpayers by telephone and that therefore if someone calls you, attempting to collect money for the IRS it is a scam; now taxpayers will be receiving calls on behalf of the IRS attempting to collect overdue taxes.

This will make it much easier for the scammers to make themselves appear legitimate.

But it is worse than that.

When this law was being considered, the IRS was against it and with good reason.  Using private collection agencies to collect taxes on behalf of the IRS had been done twice in the past and according to Nina Olson, the National Taxpayer Advocate at the IRS, “Twice the experiment ended in failure.”  Not only did the IRS manage to collect twice as much of  overdue taxes as the private collection agencies did, but having the IRS do the collecting was far less costly.  So private collectors managed to collect less tax money at greater cost.  The new law requires the IRS to hire private tax collectors by early March.

Do you want more bad news?

The most common way that income tax identity theft occurs is when the identity thief files an income tax return using his or her victim’s Social Security number along with a counterfeit W-2 that indicates a large refund is due.  With all of the complicated actions that the IRS is trying to do to detect income tax identity theft, it is missing the simplest and most effective way to stop income tax identity theft.  Under present law, employers must file W-2s with the federal government by February 29th if the employer files paper W-2s and as late as March 31st if the employer files W-2s electronically.  However, the law does not require W-2s to be filed with the IRS by those dates.  Instead, they are required to be filed with the Social Security Administration (SSA).  The SSA does not send these W-2s to the IRS until July so the IRS does not get around to matching the real W-2s filed by employers with those filed by individual taxpayers with their income tax returns until months after the IRS has already sent refunds based on the W-2s filed by the identity thief.  It seems so simple that even a Congressman  or Senator could understand it that if employers were required to file their W-2s directly with the IRS and the IRS matched the W-2s filed by employers with those filed by taxpayers before sending out refunds, income tax identity theft would be dramatically reduced.

So what did Congress do?

According to IRS Commissioner John Koskinen, “We’ve been talking with Congress for the last couple of years about it and I’m pleased that they did provide that starting next tax season – not this one – employers will be required to provide us W-2 information by the end of January.”  However, that statement is not entirely accurate if you interpret the word “us” to mean the IRS because what Congress actually did in the omnibus spending bill signed into law by President Obama on December 19, 2015 is move up the date for employers to file W-2s with the Social Security Administration to January 31st starting January 31, 2017.  We still will have to wait for the SSA to forward the employer filed W-2s to the IRS before they can be matched with those filed by legitimate taxpayers and identity thieves with their tax returns.  With the IRS proudly proclaiming that they will still be processing and sending out refunds for 90% of income tax returns within 21 days of filing, it is highly likely that a significant number of those refunds will be sent to identity thieves who filed phony tax returns with phony W-2s.

So what should you do?

When it comes to income tax identity theft, the best place to look for a helping hand is at the end of your own arm.  You can only become a victim of income tax identity theft if the criminal files an income tax return using your Social Security number before you do so the best way to prevent that is to file your income tax return as early as possible.

Steve Weisman is a lawyer, a professor at Bentley University and one of the country’s leading experts in scams and identity theft. He writes the blog, where he provides daily update information about the latest scams. His new book is Identity Theft Alert.

Article source:

Technorati Tags: ,

Identity theft complaints leap 47%

Sunday, January 31st, 2016

Reports of identity theft shot up in 2015, largely driven by an increase in tax- and wage-related fraud, according to the Federal Trade Commission. People made 490,220 identity theft complaints to the FTC in 2015, up from 332,647 (a 47% increase) in 2014 and 290,102 in 2013.

From 2014 to 2015, there were 51% more complaints related to tax and wage identity theft, which isn’t all that surprising. All thieves need is a Social Security number — say, one that got stolen in one of the many data breaches from recent years — to file a fraudulent tax return. Through November 2015, the IRS reports it has stopped 1.4 million identity theft returns (preventing about $8 billion in fraudulent refunds), but an audit of the IRS found that it lost $5.8 billion to such fraud in 2013.

There’s likely a gap between the incidents reported to the FTC and the actual number of identity-theft occurrences in the U.S., and it’s unclear if the remarkable rise in reports is a result of more identity theft, more people reporting or a combination of both.

Regardless, the figures send a clear message: Identity theft is a common and growing problem. What’s worse: It’s really difficult — some say impossible — to prevent. There are steps you can take to minimize your risk of becoming an identity theft victim, like filing your taxes as early as possible and minimizing the amount of information you share with others. Freezing your credit report can also keep fraudsters from opening up fake accounts in your name, an action that can make a mess of your credit.

When prevention isn’t an option, rapid detection can make all the difference in containing the damage. Sudden changes in your credit scores can be a sign of identity theft (you can see two free credit scores every 30 days on, and you’ll want to regularly review your free annual credit reports for errors. Identity theft has, unfortunately, become a common occurrence, so one the best things you can do to protect yourself is know how to respond if it happens to you.

Identity theft victims can file reports with the local authorities, notify their creditors and the credit bureaus and filing a complaint with the FTC, among other things. They’ll also likely need to dispute any errors they find on their credit reports. You can DIY your credit dispute process, which can be done online or via the mail, or you can hire someone like a credit repair company to do it for you.

More from

How to use free credit monitoring tools
The signs your identity has been stolen
Does checking my credit score hurt my credit? is a USA TODAY content partner offering financial news and commentary. Its content is produced independently of USA TODAY.

Article source:

Technorati Tags: ,

2 Bronx men face identity theft charges in Westport

Saturday, January 30th, 2016
Mamadu Saidu Sowe, left, and Anthony Ikenna Okefor, right, were arrested Thursday afternoon after attempted larceny and identity theft (Photo: Westport Police Department)
Mamadu Saidu Sowe, left, and Anthony Ikenna Okefor, right, were arrested Thursday afternoon after attempted larceny and identity theft (Photo: Westport Police Department)

WESTPORT, Conn. (WTNH) — Westport officers chased down two suspects involved in an attempt to open cell phone accounts using fraudulent documentation.

Westport Police responded to the Wireless Zone on the Post Road at 2:14 p.m. on Thursday. Employees there had reported that two men tried to open accounts using fraudulent identification and credit. The complainant told police that when they questioned the validity of the cards, the suspects fled the store.

While officers responded to the Verizon store, other officers began scanning the area. They were looking for the vehicle the suspects were seen leaving in, as described by the store’s security guard. Police say Officer Shawn Sember spotted the vehicle turning southbound off of the Post Road onto the Sherwood Island Connector. He stopped the car two blocks up, at Greens Farms Road, but as he approached the car, it sped off, westbound on Greens Farms.

Pursuing the car again, Officer Perez jumped ahead of the pursuit, laying down stop sticks on Compo Road South, police say. Approaching this, the suspects pulled over.

Mamadu Saidu Sowe and Anthony Ikenna Okefor, of the Bronx, were positively identified by police, and subsequently arrested. Sowe was charged with attempt to commit larceny, unlawful reproduction of a credit card, identity theft, criminal impersonation, forgery, engaging police in a pursuit, and reckless driving. Okefor was charged with conspiracy to commit larceny, and conspiracy to commit identity theft.

Article source:

Technorati Tags: ,

Authorities advise on ways to minimize risk of identity theft, fraud

Saturday, January 30th, 2016

Protecting personal information from fraud and identity theft seems to be an increasingly uphill battle, but as scammers, hackers and con men come calling there are methods to reduce the risk of personal information from being stolen.

“There’s no one way to absolutely guarantee that your information won’t be compromised,” Sherman Police Sgt. D.M. Hampton said. “You just have to minimize risk, and the more that you do to minimize risk the better off you are of keeping your information safe.”

While sensitive personal information like social security numbers and bank accounts are often targeted, Hampton said the most common crimes related to identity theft and fraud deal with credit and debit card abuse.

“Usually a lot of what we see is perpetrated from a family member, a friend or an acquaintance who is able to get that particular debit card or credit card and go use it,” Hampton said.

Every time a credit or debit card is used presents an unavoidable risk of that number being stolen but some encounters present greater risks than others.

Emily Crow, marketing director of Texoma Educators Federal Credit Union, said while the physical card is rarely stolen, the numbers on credit or debit card are often sought out by criminals. Card owners don’t know whether a number is compromised until after fraudulent charges are placed. Crow said criminals can create cloned cards from scanning the magnetic strip of a card into a personal device or simply writing the information down. Sometimes the individuals skimming cards sell the numbers online or to other criminal rackets.

“Don’t let your card out of your sights, if at all possible,” Crow said. “If you’re at a restaurant and they need to take your card away to pay, I would try to pay cash.”

When a card leaves the owner’s sight, an opportunity is presented for the card number to be compromised. Crow advised to never give out card numbers online unless a website is reputable and known to be secure and to never give it out over the phone.

“Definitely don’t give your card information over the phone to anyone, especially if they called you,” Crow said. “No reputable institution is going to call you to ask you for that information. We already have it.”

Hampton said only a handful of scams exist but delivery methods behind those scams can be numerous. Many scammers target older generations who they see as easier targets, he said. Recent phone scams have circulated with individuals calling who claim to be a figure of authority such as a utility company worker, credit card employee or bank representative to try to elicit personal information. Authorities said the rule of thumb is people shouldn’t give away personal information unless the caller can be verified.

Eventually, personal information will need to be released to certain entities. Hampton said anywhere personal information is stored or accessible is only as secure as the people working around it.

“If you’re going to buy a house, if you’re going to buy a car, if you’re going to open up utilities, you’re going to give that information out,” Hampton said. “They just need to educate themselves on where they’re giving that information and who they’re giving it to.”

Banks and credit card companies have made strides in identifying fraudulent charges and quickly putting them to a stop. Card owners are not responsible for verified fraudulent charges and are usually reimbursed within a couple of business days.

Recently, card companies have begun migrating to cards equipped with a computer chip that add an extra layer of security. The little metallic square chip on new credit and debit cards create safer transactions by eliminating the need to swipe the magnetic strip, which is often the means through which the card is compromised. The chip on the card creates a single use, unique transaction code for each purchase so the data left behind cannot be used again.

“It’s something they have done in Europe for years and I’m really excited about it,” Crow said. “It makes it a lot harder for someone to steal your card information and make a fake card. It makes each transaction a lot more secure.”

Online banking options have made it easier for customers to keep track of charges and locate anything suspicious. Crow said if fraud is found on an account, that institution is going to call its customer. She recommends confirm that banks have the correct contact information. If a bank or card company can’t make contact with the card owner, they may freeze the account until possible fraud can be verified.

If a charge doesn’t look right, Crow said consumers should call the bank or card company. The quicker a fraudulent charge is reported, the quicker additional fraudulent charges can be stopped and a new card can be issued. Hampton said people should have a plan and know the numbers to call when fraud comes up.

Crow advise to be weary of social media posts asking to tag best friends, name first pets or name the first school attended, which could be answers to account security questions.

“Be careful about what information you give out to perfect strangers online even if it seems innocent because you could be using it as a secure question,” Crow said.

The Sherman Police Department said it appreciates residents submitting tips if they come across scams, but police reports can only be filed for scams if actual monetary loss is involved.

Article source:

Technorati Tags: ,

IRS, FTC initiatives tackle identity theft

Saturday, January 30th, 2016

An IRS program launched to improve fraud prevention needs improvements, the Treasury Inspector General for Tax Administration said — as the FTC rolls out an upgraded identity theft website.

The federal government is attempting to pick up its game when it comes to cybersecurity.

As the IRS expands its newly launched Return Review Program (RRP), which is designed to improve on the agency’s current fraud prevention capabilities, the Treasury Inspector General for Tax Administration (TIGTA) said the agency needs to increase the program’s ability to detect identity theft.

The TIGTA report called on the commissioner of the agency’s wage and investment division to establish stronger processes when IRS checks are returned as undeliverable.

The IRS launched RRP as a pilot program during the 2014 tax year and then expanded the program following year. RRP was developed to replace its Electronic Fraud Detection System (EFDS), a legacy system in use since 1996, and another system, Dependent Database (DDb), that makes use of information from the Department of Health and Human Services, Social Security Administration, and the IRS.

The IRS previously tried to replace EFDS, hiring the IT contractor Computer Sciences Corp. (CSC) in 2002 to replace the system. The project went over budget, and when CSC failed to deliver a usable product by January 2006, was IRS opted to use its old system instead. The IRS created identity theft rules for the DDb system during the 2012 tax return processing year.

The new RRP system is being rolled out in phases and will ultimately replace the legacy systems, although the IRS does not have an estimated date for full implementation.

The FTC is also working on identity theft solutions. The agency announced on Thursday an overhaul to, its identity theft website. The site now automates much of the paperwork required of victims in responding identity theft, including pre-filling forms and affidavits to be sent to credit bureaus, businesses, collection agencies, and law enforcement authorities.

The website guides identity theft victims through the process if they encounter problems resolving identity theft issues.

The FTC also launched a Spanish-language website,, to help Spanish-speaking individuals answer prompts in their language, but generate the required forms in English. The agency received 490,000 identity theft reports in 2015, 47 percent more than the previous year.

Article source:

Technorati Tags: ,

TaxSlayer Experiences Identity Theft Attack

Saturday, January 30th, 2016

Tax preparation software provider TaxSlayer detected suspicious activity on its servers about a week after another tax software developer, TaxAct, was attacked by identity thieves.

“We saw the attempt, but they didn’t get through,” said TaxSlayer chief marketing officer Steven Binder.

TaxAct recently was forced to suspend the accounts of more than 9,000 of its customers and said criminals may have stolen information from about 450 of its customers (see TaxAct Detects Data Breach and Suspends Customer Accounts). TaxAct notified the 450 customers in a letter about the data breach that occurred between Nov. 10 and Dec. 4, 2015 and warned them that their names, Social Security numbers and tax returns might have been accessed.

TaxAct declined to comment on TaxSlayer’s experience. “It’s not our practice to comment on incidents that take place outside of our company,” said a spokesperson.

The recent attempt was far from the first cyberattack that TaxSlayer has experienced.

Binder said TaxSlayer sees about 30 to 40 million hacker attempts each year. He told Accounting Today that the company notified the FBI and the IRS about the recent attack.

A TaxSlayer spokesperson later provided additional information about the incident to Accounting Today after this article was posted: “TaxSlayer detected suspicious activity on its servers about the same time as TaxAct,” said the statement. “TaxSlayer’s security incident did not result from any action on the part of TaxAct. TaxAct, while a competitor, is a valued partner in the fight against fraud and we will continue to work with them and the rest of the industry to fight against identity theft. TaxSlayer did not fend off a security attack. While there was no breach of our systems, some data may have been compromised or stolen. We believe the data was accessed as a result of usernames and passwords being compromised from other sources. We are in the process of notifying affected individuals. We had around 8,800 accounts that were subject to suspicious activity. A smaller number, or less than one third of one percent of our database, likely had their tax return data accessed.”

Like other tax software vendors, TaxSlayer has been stepping up its security measures as part of an initiative that the IRS established last year in partnership with the tax software industry, the major tax prep chains and state tax authorities.

TaxSlayer has been taking extra measures as it recently won a contract with the IRS to provide software next year for its Volunteer Income Tax Assistance and Tax Counseling for the Elderly programs (see IRS Picks TaxSlayer for VITA and TCE Programs).

“Before we even won the IRS contract, we asked for additional verification if we see someone log in from a different computer,” said Binder. TaxSlayer will be working closely with the IRS on setting up the VITA and TCE sites.

The Evans, Ga.-based, family-owned company has been expanding its outreach to tax preparers. While the vast majority of its customers are taxpayers using the consumer software, particularly through the IRS’s Free File program, TaxSlayer has approximately 8,900 tax prep practices using the professional version of its software, according to Binder. In contrast, TaxSlayer processes more than 1 million returns annually for consumers.

Approximately 30 to 40 percent of that is through the Free File program, which provides free federal software for taxpayers. Like other Free File members, TaxSlayer charges consumers to file their state tax returns, but offers a 50 percent discount for members of the military. It charges an annual fee for its professional software.

TaxSlayer plans to debut a cloud-based version of the professional tax software in March, along with a mobile app. The company also sells bookkeeping software, TaxSlayer Books.

Article source:

Technorati Tags: ,