In IR 2017-123, IRS Commissioner John Koskinen reported significant success in reducing personal identity theft. From January to May of 2016, 204,000 taxpayers reported being victims of identity theft. However, for the first five months of 2017, the number of identity theft victims declined 47% to 107,000 taxpayers.
Koskinen stated, "The IRS, state tax agencies and the tax community have worked hard to turn the tide against tax-related identity theft. We are making progress in protecting individuals, but still have more work to do, especially in the business tax area and involving tax professionals. Continued lapses in simple security measures can happen in tax professional offices and other businesses as well as at home."
As Koskinen observed, the news was different for identity theft involving business related tax returns. There were 10,000 reports of business returns with identity theft issues in the first five months of 2017. The number of similar incidents in 2016 was 4,000 for the full year. Cybercriminals continued to target tax professionals. Most of the fraudulent income tax returns were for corporations, trusts or estates.
Koskinen noted, "It is especially difficult to identify any tax return as fraudulent when criminals are using information stolen from tax preparers. The stolen data allows criminals to better impersonate the legitimate taxpayers."
In the information letter, the IRS updated recommended steps for business protection against identity theft.
- Education - Explain the dangers of phishing activity to all staff. Warn them to be especially wary of emails that claim to be from clients.
- Software - Install and use excellent quality security software. Security software should automatically update each day.
- Passwords - Use strong passwords. These will have multiple characters, upper and lowercase letters and numbers.
- Encryption - Use appropriate encryption methods for sensitive data. Back up your data every day and retain backups off site.