IRS Phone Scams in 2016

Aggressive and threatening phone calls by criminals impersonating IRS agents remain a major threat to taxpayers, headlining the annual “Dirty Dozen” list of tax scams for the 2016 filing season, the Internal Revenue Service announced today.

The IRS has seen a surge of these phone scams as scam artists threaten police arrest, deportation, license revocation and other things. The IRS reminds taxpayers to guard against all sorts of con games that arise during any filing season.

What are IRS Phone Scams?

“Taxpayers across the nation face a deluge of these aggressive phone scams. Don’t be fooled by callers pretending to be from the IRS in an attempt to steal your money,” said IRS Commissioner John Koskinen. “We continue to say if you are surprised to be hearing from us, then you’re not hearing from us.”

“There are many variations. The caller may threaten you with arrest or court action to trick you into making a payment,” Koskinen added. “Some schemes may say you’re entitled to a huge refund. These all add up to trouble. Some simple tips can help protect you.”

The Dirty Dozen is compiled annually by the IRS and lists a variety of common scams taxpayers may encounter any time during the year. Many of these con games peak during filing season as people prepare their tax returns or hire someone to do so.


Avoiding IRS Phone Scams

This January, the Treasury Inspector General for Tax Administration (TIGTA) announced they have received reports of roughly 896,000 contacts since October 2013 and have become aware of over 5,000 victims who have collectively paid over $26.5 million as a result of the scam.

“The IRS continues working to warn taxpayers about phone scams and other schemes,” Koskinen said. “We especially want to thank the law-enforcement community, tax professionals, consumer advocates, the states, other government agencies and particularly the Treasury Inspector General for Tax Administration for helping us in this battle against these persistent phone scams.”

Protect Yourself from IRS Phone Scams

Scammers make unsolicited calls claiming to be IRS officials. They demand that the victim pay a bogus tax bill. They con the victim into sending cash, usually through a prepaid debit card or wire transfer. They may also leave “urgent” callback requests through phone “robo-calls,” or via aphishing email.

Many phone scams use threats to intimidate and bully a victim into paying. They may even threaten to arrest, deport or revoke the license of their victim if they don’t get the money.

Scammers often alter caller ID numbers to make it look like the IRS or another agency is calling. The callers use IRS titles and fake badge numbers to appear legitimate. They may use the victim’s name, address and other personal information to make the call sound official.


How to Identity IRS Phone Scam

Here are five things the scammers often do but the IRS will not do. Any one of these five things is a tell-tale sign of a scam.

The IRS will never:

  • Call to demand immediate payment, nor will the agency call about taxes owed without first having mailed you a bill.
  • Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
  • Require you to use a specific payment method for your taxes, such as a prepaid debit card.
  • Ask for credit or debit card numbers over the phone.
  • Threaten to bring in local police or other law-enforcement groups to have you arrested for not paying.

If you get a phone call from someone claiming to be from the IRS and asking for money, here’s what you should do:

If you don’t owe taxes, or have no reason to think that you do:

  • Do not give out any information. Hang up immediately.
  • Contact TIGTA to report the call. Use their “IRS Impersonation Scam Reporting” web page. You can also call 800-366-4484.
  • Report it to the Federal Trade Commission. Use the “FTC Complaint Assistant” on Please add “IRS Telephone Scam” in the notes.

If you know you owe, or think you may owe tax:

  • Call the IRS at 800-829-1040. IRS workers can help you.

Reporting IRS Phone Scams

Stay alert to scams that use the IRS as a lure. Tax scams can happen any time of year, not just at tax time. For more, visit “Tax Scams and Consumer Alerts” on

Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on

IRS Tips to Protect Your Personal Information While Online

The IRS, States and the tax industry urged to be safe online, and it reminds you that you should take important steps to protect your tax and financial information and at the same time protect themselves against identity theft. Handle your personal data as if out cash – does not distribute it any.

Protecting your Social Security Number and Other Tax Information

Your Social Security number, numbers of credit cards and Bank and utility account numbers can be used to steal your money or to open new accounts in your name. Whenever prompted for your personal information, think if you can really trust the application. In an attempt to steal your information, the scammers will do their utmost to appear trustworthy.

Protecting your Social Security Number for Tax Identity Theft

The IRS has partnered with state tax agencies and tax industry to ensure that you understand the dangers that threaten your personal and financial information. Taxes. Security. United. Working in collaboration with you, we can make a difference. Here are some procedures you can follow to protect your financial and tax information:


IRS Identity Theft Protection Tips

Provide personal information only to sites of encryption. If you do shopping or banking online, always look that the site use encryption to protect your information; Since it travels from your computer to your server. To determine if a site is encrypted, look for “https” at the beginning of the web address (the “s” is for safety). Some sites use encryption only on the initial registration page, but if any part of the session is not encrypted, the whole account and your financial information could be at risk. Make sure that https appears on all pages, not just in the initial registration page.

Protect your passwords.

Protect your passwords. The longer the password, it will be more difficult to identify. Use at least 10 characters; 12 characters would be ideal for the majority of home users. Mix letters, numbers and special characters. Try to be unpredictable, do not use your name, date of birth or common words. Do not use the same password for multiple accounts. If we stole it – or took it from one of the companies with which you do business – you can use to steal all of your accounts. Do not share passwords on the phone, text or email. Legitimate companies will not send messages asking for the password. If you receive a message, it is probably a scam. Keep your passwords in a safe place, out of sight.

Do not assume that advertisements or emails messages are from reputable companies.

Do not assume that advertisements or emails messages are from reputable companies. Research companies to find out if they are legitimate. When this online, do a little research since you can save you a lot of money and reduce the risk of safety. If you see an ad or an offer that looks too good, take a moment to verify the original source. Type the name of the company or product in your favorite search engine with terms such as “review”, “complaint” or “scam”. If you find bad comments, you will need to decide if it’s worth taking the risk. If you cannot find contact information for the company, bring your business and financial information to another location. The fact that a web site has an ad for another site does not mean that endorses the advertised site, or who know it first hand.

Do not share in social media – do a search on the website of his name and review the results.

Do not share in social media – do a search on the website of his name and review the results. Probably, the results show former addresses, the names of people living in the home as well as social media accounts and his photographs. All these items are valuable to identity thieves. Even a publication in the media, showing off a new car can help thieves to bypass safety check questions that depend on financial data that only you should know. Think before you post!

Back up your files.

Back up your files. No system is completely safe. Copy important files and statements of federal and State taxes on a removable disk or a backup drive and store it in a safe place. If your computer is sacked, you will still have access to your files.

Keep their records and tax returns.

Keep their records and tax returns. Your federal and state tax forms are important financial documents you may need for many reasons, from mortgages to financial aid for College. Print a copy and keep in a safe place. Also make an electronic copy and store it in a safe place. These measures can also help to make easier the preparation of next year’s tax. If you store sensitive financial and tax records on your computer, use a file encryption program to add an additional layer of security in the event that your computer be sacked.

IRS Anti-Fraud Filters Delay Refunds

The IRS operates several programs that filter tax returns to ferret out improper refund claims, including returns showing bogus wage or withholding amounts and returns suspicious for identity theft.  While these are critical programs, the filters have high “false positive” rates, causing substantial refund delays for hundreds of thousands of legitimate taxpayers.  For example, the false positive rate was about 36 percent during FY 2015 in the Taxpayer Protection Program (TPP), which freezes returns the IRS suspects may reflect identity theft.


What is the Taxpayer Protection Program (TPP)?

The Taxpayer Protection Program (TPP) is responsible for handling potential Identity Theft (IDT) cases that are scored by a set of IDT models in the Dependent Database (DDb) or selected through a query in the Electronic Fraud Detection System (EFDS) or selected by Integrity & Verification Operation (IVO) tax examiners during the daily screening process.


What happens when flagged by the Taxpayer Protection Program (TPP)?

The IRS sends notices to taxpayers whose returns have been flagged by TPP filters and instructs the taxpayers to authenticate their identities online or by phone.  Yet for three consecutive weeks during the filing season, the IRS answered fewer than 10 percent of taxpayer calls on that telephone line, making it extraordinarily difficult for affected taxpayers to get their returns unfrozen and receive their refunds.  For other anti-fraud programs, the IRS currently does not track the false positive rate.  The report recommends that the IRS begin tracking the false positive rate of all screening programs, monitor and adjust filters and rules quickly if they are not effectively zeroing in on fraud, and establish maximum false positive rates for each process and filter.


EITC Compliance and EIC Fraud

Other issues analyzed in the “most serious problems” section of the report include the adequacy of taxpayer service for taxpayers living abroad, the whistleblower program, the IRS’s administration of the Patient Protection and Affordable Care Act, victim assistance in tax-related identity theft cases, and several issues relating to EITC compliance, including the need for better taxpayer education and assistance in the pre-filing environment, more effective use of audits, and greater emphasis on the role tax return preparers can play to promote compliance.


Responses to Letter 4883C, Letter 5071C, or Letter 5447C

Responses to Letter 4883C , Letter 5071C, or Letter 5447C received by mail, fax, Form 4442/e-4442, Inquiry Referral, or Operations Assistance Request (OAR) will be processed by Taxpayer Protection Program (TPP) paper groups. Research will be performed on cases prior to taxpayer contact. Resolve the unpostable (UP) condition using the Integrated Automation Technologies (IAT) Telephone Verification Tool (TVT) located on the aMend Tool screen.

Talk with your family about safety online and at home

For families with children and elderly parents, it is important to make sure that all protect your personal information online and at home. It may be time to have “the conversation”. The IRS and state tax departments and tax industry have joined to combat identity theft related to taxes. Our motto: taxes. Security. United. Working in partnership with you we can make a difference.
Especially in families that use the same computer, must warn it students not to disable any existing protection program and not open emails electronic suspects. Also are you must instruct embedded links will not open or download documents attachments in e-mails from unknown sources.

Identity thieves are just one of many predators lurking on the internet

Identity thieves are just one of many predators lurking on the internet. The actions of a user’s computer can infect the team from all the other users. This is a concern when it comes to personal financial or tax information. Note the children not to share too much personal information on social networks. Share information about your address, a new family car or a new work from one of the parents provide thieves a window with additional information they need to impersonate you.

Elderly parents are ideal prey for identity thieves

Elderly parents are ideal prey for identity thieves. If they are browsing the internet, you may need the same conversation about online safety, avoiding strategies of email spam (spam) and not sharing too much information on social networks. It may also need routine support to make someone see charges on their credit cards and withdrawals of funds from their financial accounts. Credit cards that are not used must be canceled. You must make an annual review of your credit reports by visiting to make sure that robbers have not opened new accounts and reviewing the Social Security Administration account to be sure that there is no excessive income to accumulate in their accounts.
Elderly people are especially vulnerable to phone scams and the pressure of imposters posing as legitimate organizations, including service of internal taxes (IRS), and demanding payments for debts that do not have. The IRS never threaten to demands or imprisonment or be required to use a certain method of payment, such as a debit card. Impostors try to trick elderly people, telling them that they have won a prize in a contest or a relative to need money–anything to persuade him to give their personal information as their SSNs or financial account information.

Tips to protect your financial accounts using the credit bureaus

If  you believe you’re a victim of identity theft, you should contact one of the three credit bureaus to implement a “fraud alert” on your credit account. This step is important because it makes it more difficult to identity thieves to open additional accounts, such as accounts on your behalf. This also helps prevent identity thieves to contact tax refunds into bank accounts that they themselves have created or that open lines of credit to your name.

IRS and State Tax Data Theft Prevention

The IRS has partnered with state tax agencies and tax industry to ensure that you understand the dangers that threaten your personal and financial information. Taxes. Security. United. Working in collaboration with you, we can make a difference. If you think you’re a victim of identity theft, contact a credit agency that can help you in many ways, even to protect their tax information.

Contacting Main Credit Bureaus

The three main credit bureaus are:; 888-766-0008.; 888-397-3742.; 800-680-7289.
If you are a victim of identity theft, you need contact only one of the three agencies to request a fraud alert. The credit Bureau that you select must inform other agencies request a fraud alert. You will receive a letter from each of the credit bureaus. The letter will confirm that already settled a fraud on your account alert. Fraud alerts are free and remain in force for 90 days but you can renew it. These provide you with warning signals to other businesses where thieves may be trying to open accounts for legitimate businesses to take extra steps to verify identities.


There are three types of fraud alerts available:

The initial fraud alert. If you are concerned about identity theft, but you are not a victim, this type of fraud alert protect your credit against the access not verified, at least 90 days. You should perhaps place a fraud on your account alert if lost wallet, social security card or if stolen or lost another personal or financial information.
The fraud alert extended. For victims of identity theft, this fraud alert protect your credit for seven years.
Active duty military alert. For members of the armed forces who want to protect their credit while they are serving, this fraud alert works a year.

Requesting Free Credit Report

In addition, you should request your free credit report right away to ensure that identity thieves have not open additional accounts. Visit the website, operated by the three credit bureaus, or call 877-322-8228. If you want stronger protections, or if it was part of a filtering of data, you may consider freezing your credit, made employing these additional protections but that commonly charges a fee that varies by State.
A credit freeze, also known as a security freeze, allows you to restrict access to your credit report, which makes it more difficult for identity thieves to open new accounts in your name. To do this, you must contact each of the three credit bureaus. What is the difference between a fraud alert and a credit freeze? A credit freeze puts a lock on your credit. A fraud alert permits creditors to obtain a copy of your credit report provided that additional steps are taken to verify their identity. At the moment where they grant you your request to freeze their credit, each credit agency will send you a letter with a number of individual identification (PIN) or password. Keep this PIN or password in a safe place. You will need it if you then wish to cancel the freeze.
If you request a line of credit, a loan or a job, you will need to temporarily lift the credit freeze action so that the business can confirm your credit history. It also charges a fee to lift the credit freeze action.
To learn more about additional steps you can take to protect your personal and financial information, please visit taxes. Security. United. You can also read the publication 4524, awareness of security to taxpayers.
Every taxpayer has a number of fundamental rights to be taken into account when dealing with the IRS. These are the rights of the taxpayer. Explore your rights and our obligations to protect them at

What is an IRS IP PIN and CP01 Letter?

Which brings us up to the IP PIN: once a case is resolved, the taxpayer is going to receive a CP01 letter saying, “We have resolved your identity theft case. It’s over. It’s done. You’re finished.” In December, if they get the case resolved fast enough (usually by a cutoff date in mid-November), we are going to send them a CP01 letter. The CP01 letter is a letter that contains their Identity Protection PIN.



What is an IRS IP PIN and CP01 Letter?

We send it out once a year in December to the address of record. Now, we know that some taxpayers move, and we’ve got a way around that. We use it for self-reported people: people who call us and say, “I’ve been a victim;” victims that we identify through different fraudulent filings; and the program you’ve all heard of from Florida, Georgia, and District of Columbia. The reason these were picked: these are the highest areas, per capita, of identity theft in the country. For those of you who have heard about Florida being a hotbed of identity theft, Florida was not number one. Washington, DC, was number one per capita in the country. So, that’s why they are there. So, if they went through our program, they are going to get a CP01 letter in December.


What is an IRS IP PIN?

What the IP PIN does is it authenticates the taxpayer. It acts as one more layer of authentication. It’s a six-digit number (not the five-digit) that we change every single year, send to the taxpayer, and it puts one more level on to make sure that that is the right person. Nobody in IRS knows that number except for your client. Our assistors don’t know the number. Our people who are processing don’t know the number. When they file the return, it goes on the return, and it’s matched against our master file. It’s either denied or allowed (and goes through). Nobody in IRS can actually give them that number again.


Results of IRS IP PIN program

The results of our IP PIN program: as the commissioner said, they are under review. We want to see, one, what the appetite is. Is this something the taxpayers want? If we put it out there and they don’t want it, then why offer it? Is there a better way to do it? What was the success rate with people who were victims before who went in and said, “Well, I want to do this on my own”? So, we actually went through, and we’re looking at that. We will probably have a study. Right now, anybody in these three states, regardless of whether they are a victim or not, can go in and file for an IP PIN. We are looking to see whether it can be expanded to the rest of the country, and we will work forward from there.


What is IRS Letter CP01A?

Again, a new number is received every single year in a CP01A. There is no opt-out condition right now. This is part of the problem with offering it nationwide. Once you get an IP PIN, you are getting one every single year. We cannot get you out of the program. One of the things we did change – and again, I said, “Nobody knows what that number is” – if your taxpayer loses the number or has moved and doesn’t get the IP PIN, there is a way they can get it. They can go online to the identity theft website on and it explains all this. Or they can go to (it is all one word), and after going through and creating an account, they are going to need a valid email address that they can access during their account creation.



Creating IRS PIN

They will create an account, pass the authentication questions, and we will give them their original IP PIN right there on the spot. It will not be replaced, but it will be their actual IP PIN. After that, they can go in and get that every single year online if they want, or they can wait for the letter. But we are looking at… because what was happening was taxpayers were calling in and we were giving them what is called a Replacement IP PIN, and this is still going to happen. If somebody calls into our assistors and they say, “I’ve lost my IP PIN. I need my IP PIN,” we are going to authenticate the taxpayer over the phone. But because it’s a phone authentication and we can only do so much, we are going to give them a Replacement IP PIN, but it is not going to be their original IP PIN.

What is going to happen is it’s guaranteed it’s going to delay processing because, while the PIN is going to allow the return to get accepted if you are filing electronically, it is not going to post it. It is only going to accept it. It’s going to go to our unpostables unit where people are going to manually verify this is the right person. So, if they call up our taxpayer service number and they get an IP PIN through that, tell your client you can guarantee that it is going to be delayed. And I don’t know how long it’s going to be; depending if they filed during peak season or not.

All right, the future of our victim assistance. One of the things we are always asking ourselves is, “How can we better serve the victim?” Because if any of you have ever been victims yourself, you know it is a traumatic experience. You are going to call an organization you really don’t like about a situation you like even less. So, you are already behind the ball. So, what we are going to do is we’re moving towards more online products. We want to find out later on if we can make the 14039 an electronic process. Can we file it electronically?

If we have a big data breach and you’ve got – let’s say OPM – you’ve got 24 million people. And all 24 million people in OPM say, “Well, my Social Security number was on that file. I’m going to file a 14039.” Within three weeks, we receive 24 million 14039s. The delay in processing is going to be extensive. So, the question is “Can we make this an online product?” One of the questions of this was “Can we make the retrieval of the IP PIN electronic?”, and we did. We put it up on the website. We have a methodology for doing it, and it’s made it a whole lot easier.


IRS Identify Theft Terms

Form 14039, Identity Theft Affidavit – Complete and submit this form if you are an actual or potential victim of identity theft and would like the IRS to mark your account to identify questionable activity.

Identity Protection Personal Identification Number (IP PIN) – An IP PIN is a 6-digit number assigned to eligible taxpayers to help prevent the misuse of their Social Security number on fraudulent federal income tax returns. An IP PIN helps the IRS verify a taxpayer’s identity and accept their electronic or paper tax return.

Letter 4883C – This letter is for suspicious prior-year returns. These taxpayers must call the IRS Taxpayer Protection Program toll-free number that is on the letter in order to verify their identities and let IRS know if they did or did not file the return.

Letter 5071C – This letter is for suspicious current-year returns. These taxpayers are asked to first verify their identities online at In order to verify the identity of the taxpayer, the Out-of-Wallet (OOW) website requires the user to correctly answer disclosure questions and additional personal questions that only the valid taxpayer is likely to know. They can also use this website to inform IRS if they did or did not submit the return in question.

Letter 5447C – This is for suspicious returns that have a foreign address. These taxpayers must verify their identities with IRS by either calling an international Taxpayer Protection Program line or by mail.

Tax-related identity theft – Tax-related identity theft occurs when someone uses your stolen name and Social Security number to file a tax return claiming a fraudulent refund, or when someone uses your Social Security number to obtain employment.






IRS Form 14039 Identity Theft Affidavit

For tax-related ID theft, we want you to take one more step. The IRS would like you to file the Form 14039, which is the Identity Theft Affidavit – and this is a form that tells us that your client has been a victim of tax-related or is suspected of being a victim of tax-related identity theft – and send it into the IRS. Again, respond to any letters and notices that they get. The last one seems kind of obvious, but you would be surprised the people that don’t do this. .


Identity Theft and Taxes

Continue to file the taxes even if somebody else already has under your number. Just because a return has been filed under your Social Security number doesn’t give you a pass on this year’s taxes. You have still got to file the return. They are going to file a paper return, but they have still got to file the correct return

Preparers will need a power of attorney or a CAF

Preparers will need a power of attorney or a CAF if the identity theft unit is going to talk to them. One question I can answer from the last one as to why that box is on there for the preparers: that is only for submission processing during the processing of the return. It doesn’t allow IRS to talk to the practitioner about the tax return after it has been processed. It is only if IRS has a question during the processing of the return to get it posted. That is why the box is there. But if they are going to talk to you about the identity theft case, make sure that you put on the power of attorney the tax year, the tax return, and all identity theft matters. Because, in some cases, depending on the identity theft, if you call up, even if you are the power of attorney for the 1040 for that year, they may not talk to you about the identity theft case. So, make sure that you put the identity theft case on the 2848 when you file it with IRS.


Form 14039

The top line says, “Submit only for taxpayers who are at risk or suffered a personal loss with an SSN.” I am going to change this and I am going to say, “If somebody believes they are at risk for this happening.” I would rather have it be proactive than reactive. If somebody comes to you and says, “I think I have lost my Social Security number” or “This place got hacked and my Social Security number was in these records,” go ahead and file the form.


How to Fill-Out Form 14039

When you check the appropriate box… there are two boxes on the 14039. Box 1 says, “I’ve been the victim of identity theft and it has impacted my tax administration.” That is generally one of the ones where I couldn’t file the return because somebody else already has. That’s where that pops in. So, if that has happened to you, you check Box 1. Check Box 2 if the person has had an incident happen that you believe it may include a Social Security number, but it hasn’t impacted their taxes yet. These are going to happen, for example, after the fact. You hear your doctor’s office got hacked and lost all their records. You think your Social Security number is on their records. “I want to be proactive.” You check Box 2 because Box 1 generally means you couldn’t file a tax return, and you’re going to have to do a second step. Make sure that you do all verification there is. You are going to have to put a copy of a Social Security card and a state ID form on there so we know who you are. Follow the submission instructions. Now what this means is, depending on which box you check and how you file the return depends on the instructions you are going to follow.


Form 14039

If you are filing it regarding a tax-related incident, you have to put the 14039 on top of the tax return and file it in the place where you normally file a paper return. You would send it to the regular place you normally would. If you are sending in just the form itself – there was no tax return impact, but you think there might be, you check Box 2 – look on the back of the form and find out where to send it, because that is going to have a different address than the actual tax return is going to go to. What happens when we receive the paper return is it comes in, we mark it as a potential identity theft return on the account, we take the information off of the account, we send the information over to our IPSU (which is the Identity Protection Specialized Unit), and they go ahead and process the information. We go ahead and process the return, and this is where it gets a little bit interesting.


IPSU Goals and Form 14039

The IPSU goals are, basically, identify it, because either you’ve picked it and sent in the Form 14039 or it’s through filters. Correct the accounts quickly, and this is where I want to identify the word “quickly.” We’ve had a lot of complaints because, well, it takes a long time. Right now, the average time for getting an identity theft return turned around – that is one that has already been impacted – is usually about 120 days. It wasn’t too long ago… as a matter of fact, two years ago, it would take a year. Part of the reason is sheer volume. We go through just about 900,000 identity theft returns a year, and we have to go through and fix each one of them.


Filing Form 14039

Again, part of IPSU is putting indicators on accounts. We want to make sure that once it happens to your taxpayer in the beginning, it doesn’t happen again. The worst thing that could possibly happen is you go through the trauma of “I can’t file my return,” send it to us, and it happens again next year. I am not saying it can’t happen. There is a little window that allows it to happen. For example, if you file the Form 14039 and you file it in October, there is a very good possibility we may not get that resolved until after the next filing season starts, after the 120 days. So, there is that little window, but we like to get it done as soon as possible and be able to stop it from happening again. The third thing is to be able to communicate with the ID theft victim.

Identity Theft and Form 14039

We want them to know, and we’ll be the first to admit our communication in the past has not been that great. Right now, we are writing letters to let taxpayers know what the statuses of their cases are. We send them a letter when the case gets resolved. We want the taxpayer to feel comfortable in what it is that’s going on with the IRS because we don’t want them to think this application goes in this big black hole.


What to do if you receive the wrong W-2 Form?

If you receive a notice about an employer who has a W-2 for your taxpayer that they didn’t work at – and this usually happens in the fall, say from June through November – our underreporter unit will go through and they will match up the W-2s against the tax returns, and they will find that one is missing. And let’s say that this W-2 comes in and it’s out of North Carolina, and this person made about $20,000 in North Carolina. Your client only made $30,000 all year, so, of course, our underreporter is going to kick out and say, “Hey, most of your income wasn’t reported. You’ve got this big chunk out here.” Well, your client is going to look at it and they are going to say, “I didn’t earn this income.” The best thing they can do is call back the number on the letter and say, “I didn’t earn this income.” We need to know that. We need to know the information has been compromised so we can mark their account that they are at risk for identity theft. It is very important. Some people just go ahead and ignore it. And what happens if they ignore it, it gets assessed. Then you start getting collection letters. And it is harder to get out of collection once it has been assessed than it is to stop it from getting assessed in the first place.


I received an incorrect W-2 form. My former employer won’t issue me a corrected W-2. What should I do?

If your attempts to have the incorrect Form W-2 Wage and Tax Statement, corrected by your employer are unsuccessful and it is after February 14, you can request that an IRS representative initiate a Form W-2 complaint.

  • The IRS will send your employer a letter requesting that they furnish you a corrected Form W-2 within ten days. The letter advises your employer of their responsibilities to provide a correct Form W-2 and of the penalties for failure to do so.
  • The IRS will send you a letter with instructions and Form 4852 (.pdf), Substitute for Form W-2, Wage and Tax Statement, or Form 1099-R, Distributions from Pensions, Annuities, Retirement or Profit-Sharing Plans, IRAs, Insurance Contracts, etc. You can use the Form 4852 in the event that your employer does not provide you with the corrected Form W-2 in time to file your tax return.

When you call the IRS or visit a TAC office, please have the following information available:

  • Your employer’s name and complete address including ZIP code, employer identification number if known (see prior year’s Form W-2 if you worked for the same employer) and telephone number,
  • Your name, address including ZIP code, Social Security number, and telephone number, and
  • An estimate of the wages you earned, federal income tax withheld, and the period you worked for that employer. You should base the estimate on year-to-date information from your final pay stub or leave-and-earnings statement, if possible.

Form 4852 and Form W-2

If you file your return and attach Form 4852 to support the withholding amount claimed instead of a Form W-2, there may be delays processing your refund while we verify the information you gave us.

If you receive a corrected Form W-2 after you filed your return and it does not agree with the income or withheld tax you reported on your return, file an amended return on Form 1040X (.pdf), Amended U.S. Individual Income Tax Return.

IRS Electronic Fraud Detection System (or EFDS) Unit

When the tax return is filed, what generally happens is it takes two paths. The first one is what is called the Electronic Fraud Detection System (or EFDS). And what this does is it goes through and it looks at all the different lines on a tax return, paper and electronic. And, based on the different lines in the tax return and how they relate to each other… for example, you’ve got an adjusted gross income of $10,000 and you’ve got $15,000 in contributions. It could be suspicious. And trust me; that has happened. What it does is it looks at all the different lines on the return, it compares one against the other, and it gives it a score. And all the score does is it identifies the risk of a suspicious return. It doesn’t say that it is; it doesn’t say that it isn’t. All it says is that there is a risk of identity theft or fraud on this return.


How does the IRS Electronic Fraud Detection System (or EFDS) Unit Work?

Once it goes through EFDS, it makes a right-hand turn and it goes over to our Dependent Database. Now, Dependent Database doesn’t necessarily mean “dependents.” What it does is: our database has a bunch of different filters in it, and the filters identify things that we have seen in identity-theft schemes. Right now, we have 195 specific filters just for identity theft. And the thing about using the Dependent Database is it allows us to manipulate these different filters in real time so that if we see a scheme coming down the road and somebody calls in and they say, “I’ve seen a lot of this,” we can take those filters and design that scheme in the Dependent Database. When a return comes through, it looks for it. If it finds that criteria, it pulls it out, and, again, assigns it a score as a potential for identity theft.


Example IRS Electronic Fraud Detection System (or EFDS)

So, once these are pulled out, then it gets interesting because it then goes to your desk, and you may see some things like this. In 2014 – just to give you an idea of how effective this is – we had 5.6 million returns we identified, so we are pulling them out. We know we have a long way to go, and we intend to work on the filters going down the road as they become more available. As they get more sophisticated, we can change. We also had $545 million in fraudulent refunds returned from the banks. So, we have that on our side, too. If the banks see something, they can then return it to us and say, “This is potentially suspicious.”


IRS Dependent Database

Once the Dependent Database picks it out and identifies it as a potentiallyfraudulent return, we send a letter to the taxpayer. And the taxpayer goes to the address that is on the return. Now, the reason we do that is it has to go back to the person who sent it. If your client gets one of these letters, the best advice you can give them is “Respond to it.” We give them 30 days. If they don’t respond to the letter in 30 days, the return gets pulled out of processing and it goes into this big black hole (and the return goes in there). It gets put in the crate and is never seen again. So, have them respond to the letter if they get it. Now, it’s at this point when the letters go out that you may get involved in the process because they are going to come to you and they are going to say, “What do I do?”


What happens when the IRS detects fraud?

Now, there’s three possible letters that go out. The 4883C: this goes out to anybody who is filing a potential identity theft return for a prior year during the current processing year. So, this year, we filed our 2014 taxes. If somebody files a 2013 or earlier and it looks suspicious, then it is going to get kicked out and they are going to get a 4883C. The 4883C requires the taxpayer to call up to our taxpayer protection number and answer a series of questions so we can authenticate them as the person that they are. Again, it is very important that they call. If they don’t call, we don’t know it is them. If they didn’t file the return, we want them to call and tell us, “We didn’t file the return.”

Receiving IRS Form 5071C

There are things we can do to clear the account out so when they do file the return, things will be easier for them. But no matter what, if they get a letter, call. The second letter: the 5071C. These are for potential identity theft returns for a current-year return filed during the current filing season. And this is the one you are probably going to see the most of because people are going to file 2014 returns. If we think they are suspicious, they are going to go right out. Now, this one has an interesting option to it. This has two options: you can either call up the taxpayer protection line, or it is going to give you an option to go online. And the online website is Now, I’ll admit the first year we did this, we did not do a very good job of letting practitioners know this existed. And we stood up here on the stage and we said that we do not have a website that is going to ask you for personal information to verify who you are. It is probably fraudulent except for this one.


What is IRS ID Verify?

The ID Verify is a real-time system that is going to ask the taxpayer a series of out-of-wallet questions. These are the ones I talked about earlier. “Which of the following cars relates to you for 2011? Which of the following addresses relates to you for 2005?” They are all designed, based on public record information, to verify who the taxpayer is. All we want to do is make sure the person on the other end of that computer is the person we think it is. If it’s not, and they fail authentication – and some people do, and I’m not saying that everybody who gets this (a legitimate taxpayer) is going to pass the authentication. Sometimes you look at the questions, some folks just say, “I can’t do this,” and they can’t answer it, and they fail.

If they fail authentication, they still have the option of calling the Taxpayer Protection Program number on the letter and verifying it over the phone. Some people just don’t trust websites, and that is fine. My parents will never buy anything over the Internet. And if I asked them to put their information on a website, they would look at me like I had three heads. So, some people just don’t like it. That is fine. So, they can call up the taxpayer service, verify themselves over the phone, and move forward. If for some reason they fail this one, there’s still a third option. They can go to a taxpayer walk-in site with two forms of identification – a Social Security card and a picture ID – and they can verify in-person. And it has been known that some people for some reason fail both authentications. We don’t want the legitimate taxpayer put out just because maybe they didn’t understand a question or they feel uncomfortable. That is fine. We want them to do everything they possibly can.

IRS Letter 5447C

The last letter is the 5447C. This letter is going out to anybody who files an international return. You may not ever see this because these go overseas. This contains an international taxpayer number where they can call. We don’t want them calling people in the states to say, “Oh, we think it’s suspicious, so go ahead and make a long-distance call across the pond.” We would rather have them call a local international number. All right. Again, if you receive a notice from the IRS such as a verification request, the most important thing is to answer it, whether or not they filed the return. The warning signs they are going to get: if they received a letter and they didn’t file the return or their letter looks suspicious, it could be a problem.

Avoid Phishing and Malware to Protect Your Personal Data

“Update your account now.”  “You just won a cruise!” “The IRS has a refund waiting for you.”

In the cyber world of phishing, the sentences are “bait” – lures from emails, telephone calls and texts all designed to separate you from your cash, your passwords, your social security number or your very identity.

The IRS has teamed up with state revenue departments and the tax industry to make sure you understand the dangers to your personal and financial data. Taxes. Security. Together. Working in partnership with you, we can make a difference.


Avoiding IRS Phishing Scams

No doubt you’ve heard that warning to beware of phishing many times. But, phishing remains a problem because it works. Cybercriminals on a daily basis concoct new ways to trick people into turning over cash or sensitive data that can affect your taxes.

When it comes to this type of crime, the main line of defense is not technology, it is you.

Criminals pose as a person or organization you trust and/or recognize. They may hack a friend’s email account and send mass emails under their name.  They may pose as your bank, credit card company or tax software provider. Or, they may pose as a state, local or federal agency such as the Internal Revenue Service or a state agency. Criminals go to great lengths to create websites that appear legitimate but contain phony log-in pages.

Just remember: No legitimate organization – not your bank, not your tax software company, not the IRS – will ever ask for sensitive information through unsecured methods such as emails. And the IRS never sends unsolicited emails or makes calls with threats of lawsuits or jail.

Scam emails and websites also can infect your computer with malware without you even knowing it. The malware can give the criminal access to your device, enabling them to access all your sensitive files or track your keyboard strokes, exposing login information.


Here are a few simple steps you can take to protect yourself:

  • Avoid suspicious phishing emails that appear to be from the IRS or other companies; do not click on the links- go directly to their websites instead.
  • Beware of phishing scams asking you to update or verify your accounts.
  • To avoid malware, don’t open attachments in emails unless you know who sent it and what it contains.
  • Download and install software only from websites you know and trust.
  • Use security software to block pop-up ads, which can contain viruses.
  • Ensure your family understands safe online and computer habits.