M Paquette
Moderator Emeritus
Sounds like someone has brought the wonders of automation to filing fraudulent tax returns, and Intuit has done their usual job in handling security and fraud prevention.
Except that you are allowed to change your address. There is no special procedure for it, other than putting your new address on your filed return.Simply snail mailing the refund check to the taxpayer's address of record would also largely resolve this problem.
I noticed that this has not affected HRB and TaxAct. Or could that be just because TT has a larger share of the market and would notice sooner?
Being a Turbo guy and stuck in a holding pattern until I get all my forms, I checked in today to just make sure they didn't say "your return has been processed and refund already received"
Sent from my iPad using Tapatalk
How do you do this?
I just signed into my account. It welcomed me back and wanted me to update any items from 2013 tax year such as address before starting in this year's taxes... I did that part and stopped.
Sent from my iPad using Tapatalk
The frauds don't go through your Turbotax account. They would have a separate Turbotax account but use your SS#.
Well I wish you hadn't told me that, as in this case "ignorance is bliss" since I cannot file yet! [emoji31]
Sent from my iPad using Tapatalk
Sorry! I was hoping you had an in on the IRS.
E-filing resumed at 6 p.m. Eastern time, TurboTax parent company Intuit Inc. announced in a news release. The company has continued to work with states where suspicious filings have been reported.
State agencies had reported a rise in filings with stolen personal information, Intuit said.
Thanks - yes, when I try to understand a security breach issue, I usually end up going to his site. And I even mentioned his name today but hadn't quite gotten to his site. Looks like these credentials are stolen through the usual mechanisms - PC malware and phishing.Kerns has a good discussion of the current problem. See the Feb 6 blog entry.
Krebs on Security
Also note the picture of the website selling stollen tax Id information. 4 cents a name. Not so good.
"Stolen TurboTax or H&R Block credentials are cheaper and more plentiful that most people probably would imagine. According to the below-pictured well-known seller on the Dark Web forum Evolution Market, hacked accounts currently can be had for .0002 bitcoins, which works out to about 4 cents apiece."
IP PIN pilot continues in Georgia, Florida and the District of ColumbiaThe Internal Revenue Service is again offering the Identity Protection PIN to all taxpayers who filed their federal tax returns last year from Florida, Georgia and the District of Columbia as part of a pilot program to help determine taxpayer demand for the IP PIN and the Service's ability to issue the PIN to a larger number of taxpayers. These locations have the highest per-capita percentage of tax-related identity theft.
Here's something new, that should interest folks here.
IP PIN pilot continues in Georgia, Florida and the District of Columbia
http://www.irs.gov/Individuals/Freq...ection-Personal-Identification-Number-(IP-PIN)
Here's something new, that should interest folks here.
IP PIN pilot continues in Georgia, Florida and the District of Columbia
http://www.irs.gov/Individuals/Freq...ection-Personal-Identification-Number-(IP-PIN)
The successful filing/acceptance of a federal return might serve as an effective "screen" to some fraudulent/duplicate returns, especially if a state's fraud prevention mechanisms are weak. Series, rather than parallel, submission of the federal/state returns is a bit more cumbersome, but serves as additional protective measure.H&R Block has no indication of similar problems with its state tax filings, company spokesman Gene King said Friday. “H&R Block continues to file state and federal returns as usual,” he said.
The Block spokesman also said his company’s anti-fraud controls include requiring an e-filed federal return to have been accepted by the U.S. prior to transmitting a state e-filed return. With TurboTax, by contrast, it is possible to e-file a state return without e-filing a federal return, Intuit confirms.
A TaxAct spokeswoman said that company is not seeing similar fraud issues and that customers can file state and federal returns as usual.
Makes sense. Thanks for the snippet and link.A hint about why TurboTax state returns might be affected at a higher rate than those prepared with other programs--maybe it's the procedure each software uses: (from the WSJ, may require subscription, bold added)
The successful filing/acceptance of a federal return might serve as an effective "screen" to some fraudulent/duplicate returns, especially if the state's fraud prevention mechanisms are weak.
This scam that involves 'filing for your refund before you can' has been going on for several years now. All the criminal needs is your social security number and other PII. similar to what was just stolen in the Anthem hack.
IIRC, It hasn't been specifically a turbotax thing, just any sort of electronic filing. before that, they would just snail mail in the documents before you, IIRC
I didn't know how new this was. I saw they were only offering it for states with high return fraud, otherwise you have to have been a victim of ID theft to get one.
If I choose to get an IP PIN, does this mean I am an identity theft victim?
No, the program is not limited to just identity theft victims. The main purpose of the program is to add an additional layer of protection to taxpayers who live in areas where tax-related identity theft is more prevalent.
Admittedly it is confusing but that does not appear to be the case if I understand this correctly from the second link MichaelB posted. The quoted text is at the bottom of the page:
Dear member
This is to inform you that our system has generated your new secure electronic PIN to e-File your 2014 tax return.
Please kindly download the Microsoft file to securely review it.
Thanks
Internal Revenue Service
<address given>
Wow--both Microsoft and the IRS in the same solicitation. If it had Comcast it would be some sort of evil trifecta.Someone I know got a phishing email today from the "IRS" announcing that they had a new IP PIN to use for e-Filing their 2014 return