 Internal Revenue Service IRS Tax News Security Summit Telltale signs of Identity Theft Tax Pros should watch out for The Security Summit, like the new Justice League, saving the world with strong warnings. If some potential client tells you a strange tale, it may be a telltale sign of identity theft, that is. In other words, strange tales are often telltales. And vice versa. Hey, I think my cat's a telltale sign, to be honest. Because it got its tail caught in the door one time, making it permanently kinked to the right. So now he's got, like, a really strange tale. Which means he may also be a telltale sign of identity theft. It's all coming together now. It was you, Fluffy. I know. It was you. Anyways, first an attempt at a joke. The IRS gave me monkey pox. They just, they just gave me a case of the Hebrew Gbizetta. I'm not sure how exactly it got transmitted. How? But I have my suspicions. Unfortunately, my suspicions have been confirmed. Like during that last IRS audit. They're gonna get an IRS office. When I got totally screwed. Well, I got screwed on the donuts. IR 2022-144, August 2nd, 2022, Washington, with identity thieves continuing to target the tax community of horrible people. Internal Revenue Service Security Summit partners today urge tax professionals to learn the signs of data theft so they can react quickly to protect clients. The IRS state tax agencies and the tax industry working together as the security summit reminded tax professionals that they should contact the IRS immediately when there's an identity theft issue while also contacting insurance or cyber security experts to assist them with determining the cause and extent of the loss. Quote, tax pros must be vigilant to protect their systems from identity thieves who continue to look for ways to steal data. The end quote said IRS Commissioner Chuck Reddick quote, practitioners can take simple steps to remain on the lookout for signs of data and identity theft. It's critical for tax pros to watch out for these details and to quickly take action while telltale signs emerge. So these can be critical to protect their business as well as their clients against identity theft end quote. This is the third in a in a summer series of five security summit news releases aimed at raising awareness among tax professionals about data security. The special protect your client protect yourself campaign protect your client protect yourself campaign is designed to help protect against tax related identity theft by increasing attention on basic security steps that tax professionals and others should take to protect sensitive information. One common concern the IRS hears from tax professionals is that they did not immediately recognize the signs of data theft. So clearly we want once data has been breached or so on we want to know what the signs are at that point. So summit partners are urging tax professionals to watch out for these critical signs. So here they are. Here's the critical signs we need to watch for. So client e file returns rejected because client social security number was already used on another return. So if you try to file a return electronically it doesn't go through. It's going to be possibly because it's already been filed that with that social security number. And what we should be thinking is not just well there's a kink in the system possibly but possibly there's something more going on there like an identity theft and we might want to be basically digging in and doing more research at that point using that as a sign to to get into things. So more e file acknowledgments received than returns the tax profile. So if obviously you're saying hey the the IRS is saying there's a lot more returns filed than I actually filed well then something would be going on there. That shouldn't you just we don't want to just look at that and say well that's a weird thing we should that should be a sign saying well is someone filing returns using our stuff. So client responds to emails the tax pro didn't send. So if they're if they're responding to emails again the client's saying hey I thought I got an email on this and that well then there might be you know you don't want to just brush over that you want to be saying okay let's dig into that a little bit a little bit more in-depth slow or unexpected computer or network responsiveness responsiveness such as software or actions take longer to process than usual. Now here's kind of the scary stuff because obviously you know if your computer is a little slower than usual the question is you know how slow is it that's that would make it unusual or so on. Obviously if it's really slow and you got pop-ups all over the place you would think that there's a problem but but clearly that's one that's a little bit more subjective. Computer cursor moves or changes numbers without touching the mouse or keyboard. So that one's always the one that kind of makes me laugh a little bit although it's quite scary. Obviously if your mouse is moving and you're not moving it if tax returns are being filled out on their own and e-filed in front of your face while you're watching the whole process happen something's wrong. So unexpectedly locked out of the network or a computer so that's not good. So tax professionals should also watch for warning signs when clients report they've received. So if the client saying hey this is what I've gotten here IRS authentication letter 5071c 6331c 4883c 5747c even though they haven't filed a return a refund even though they haven't filed a return. So clearly if if they're getting letters that saying hey action has been taken which you haven't actually taken such as filing the tax return then we don't want to just say oh that's must be some weird thing from the IRS kind of messed up over there maybe someone filed a return with their number and we should be digging into it you know immediately at that point. So a tax transcript they didn't request emails or calls from the from the tax pro that they didn't initiate a notice that someone created an IRS online account for the taxpayer without their consent a notice the taxpayer wasn't expecting that someone accessed their IRS online account the IRS disabled their online account balance due or other notice from the IRS that are not correct based on return filed or if a return had not been filed. These are just a few examples tax pros should ensure they have the highest security possible and react quickly if they sense or see something amiss. So if the tax pro or their firm are the victim of data theft immediately report it to the local IRS stakeholder liaison there's a link to that here so you can check out who that liaison may be in your particular area liaisons will notify IRS criminal investigation and others within the agency on the practitioner's behalf. Now note that contacting the IRS may not actually you know stop the breach of course at that point in time but they may be on the lookout on their end to see if fraudulent returns are filed based on that you know information but also you want to give it to them of course so that they can put the information into their system and compile all the data together and possibly take some action in the future to stop this stuff with all that compiled data that's how we get things done crunching numbers crunching numbers so speed is critical if reported quickly the IRS can take steps to block fraudulent returns and the client's names and will assist tax pros through the process so that of course can be effective so that obviously the breach on your computer is not something the IRS might be able to help it with at that point but they might be able to help with basically the use of that sensitive information to file or further file fraudulent tax returns of course so email the Federation of Tax Administrators at the well there's an email there'll be a link to this in the description so you can get that email so get information on how to report victim information to the states most states require that the state attorney general be notified of the data breaches this notification process may involve multiple offices be proactive with clients that could have been impacted and should suggest appropriate actions such as obtaining an IPPIN an IPPIN or completing a form 14.039 identity theft affidavit if applicable so this is obviously one of the most difficult things to do for the tax pro because now you got to tell the client that you know there's been a breach on the data but that's of course what we want to do because we want to have them informed of anything that is going on so we want to let them know what can they do at that point in time well they could try to get an IPPIN that's going to be the the number that will help safeguard if someone tried to file a fraudulent return because you will not only need a social security number but they'll need a new IPPIN so they won't be able to use the data to file a fraudulent return which is probably the reason that they got the data they could still take the data and they could spread it out on the internet or whatever and use it for whatever ways that they want to use it or whatever but they can't use it for most likely what their original purpose was or one of them to file a fraudulent tax return now if they already filed a fraudulent tax return that's when you might want to consider the form 14.039 identity theft affidavit so in my I believe that this form is used not after they stole the data from you but after they filed the fraudulent return so if you discover that there's been a breach to your security system but you don't think they actually filed their return yet but they might have access to the information to do so then I believe you might want to do the IPPIN so that that will safeguard and block them from filing a return with that information because of the added step they would need but if you found out that they did file a fraudulent tax return that was the problem well now they already filed a fraudulent tax return and you have to go through the process of telling the IRS that was a fraudulent tax return and I believe that's when you're going to use the form identity theft affidavit 14.039 so in any case you could read up on that for more details though that's my interpretation so you can see the early security summit reminder about the importance of an IPPIN you might want to give that to your clients and suggest it to them anyways even though it's a little bit more difficult to deal with so find more information at data theft information for tax professionals there's a link to that here additional resources below we got publication 5293 data security resource guide for tax professionals provides an overview resources about how to avoid data theft tax professionals can also get help with security recommendations by reviewing IRS publication 4557 safeguarding taxpayer data and irs identity theft central pages for tax pros the tax pros should also review small business information the fundamentals by the national institute of standards and technology is there any more reading assignments you have for me ira also taxpayer tax professionals should stay connected to the irs through the subscription to e-news for tax professionals so we're doing some of that here and social media i don't need to follow your social media now now they're just now they're just getting ridiculous i need to i need to see your tweets i need to see your tweets is that anyway for more information see boost security immunity fight against identity theft there's links to all this stuff here and you and there'll be a link to this in the description