Best practices to deter and deal with identity theft

FraudThe volume and magnitude of identity theft incidents have grown to an alarming extent. Last year, more than 9.9 million Americans were victims of identity theft, a crime that cost them roughly $5 billion. Tax-related identity theft crimes have also risen dramatically. TIGTA reports that 2,416,773 taxpayers were affected by identity theft in 2013, nearly double the number of victims in 2012, nearly quadruple the number in 2011, and nearly ten times the number in 2010. Predictions say the number of victims will again show an increase when 2014 and 2015 tax-year return statistics come in, even though the IRS and practitioners have been reacting more aggressively to stem the tide.

Best Practices to Deter Identity Theft

There are simple and worthwhile precautions that individuals can take to minimize the vulnerability of personally identifiable information. And should identity theft prove inevitable, even despite best practices, following tips such as reviewing monthly bank statements, obtaining a credit report at least once a year, etc., will allow an individual to notice fraudulent activity when it begins, which is key to a swift response that will contain the extent of the fraud and minimize the damage.

  • Secure personal information in the home and workplace. This includes shredding documents that contain personally identifiable information, such as bank statements.
  • Protect personal computers using firewalls, antivirus software, and security patches.
  • Secure wireless networks.
  • Create strong passwords and frequently change them.
  • Double-check a website’s URL before entering any personal information. For example, confirm that a page that appears to be a government website is followed by .gov.
  • Do not close a browser before logging out of a website.
  • Encrypt and password protect sensitive documents.
  • Check for a “lock” icon on the status bar of your Internet browser, which means your information should be safe when it’s transmitted.
  • Set online account settings that send an email or text message if someone attempts to log on to an account from an unrecognized computer or change a password.
  • Put passwords on all of your credit card and bank accounts.
  • Consider identity theft detection services, which include Lifelock and IdentityForce.

Identity Theft Indicators and Responses

People are generally familiar with the multitude of signs of non-tax related identity theft, including unfamiliar credit card charges, unexpected cards arriving, and overdrawn bank accounts. However, individuals may be less familiar with the signs of tax-related identity theft.

According to the Taxpayer Advocate Service (TAS), the most common indicators that an individual is a victim of tax-related identity theft are:

  • A taxpayer attempts to file a return electronically, but the IRS rejects the return stating that another return with the taxpayer’s SSN has already been filed;
  • A taxpayer receives an IRS notice indicating that wages were received from an establishment at which the taxpayer never worked;
  • A taxpayer receives a letter from the IRS indicating either that: (1) a return has already been filed, when the taxpayer has not yet filed a return; or (2) multiple returns have been filed; or
  • A taxpayer receives a balance due notice, refund offset notice, or collection actions taken against the taxpayer regarding a year for which no return was filed nor refund received.

Steps to Take When Identity Theft is Suspected

Once an individual learns that his or her personally identifiable information has been compromised, there are certain steps that one can immediately take in order to prevent, or at least contain, fraudulent misuse.

  • File a report with the FTC.
  • File Form 14039 with the IRS.
  • Contact the IRS Identity Protection Specialized Unit at (800) 908-4490.
  • Immediately replace lost or stolen government identification (i.e., passport, driver’s license).
  • Immediately replace lost or stolen credit, debit, and charge cards.
  • Immediately change logins, passwords, and PINs for compromised accounts.
  • Obtain a current credit report.
  • Call the fraud departments at any credit card, cell phone, or other businesses where accounts may have been compromised to get records regarding the identity theft.
  • Challenge liability for any unauthorized transactions.
  • Freeze or close the accounts at issue so that charges may only be approved with the individual’s authorization.
  • Contact the credit reporting agencies and have a Fraud Alert added to your credit report.
  • Send a copy of the completed Identity Theft Report to the credit reporting agencies and request that each block any fraudulent transactions from appearing on a credit report.

Responses Specific to Tax-Related Identity Theft

There are additional steps that a victim of tax-related identity theft should take to correct the individual’s tax account and prevent further misuse.

  • Complete an FTC Identity Theft Affidavit.
  • Bring the completed FTC Identity Theft Affidavit to the local police department, and file a police report.
  • File an online complaint with the FBI’s Internet Crime Complaint Center (IC3) at
  • Create an Identity Theft Report by combining Identity Theft Affidavit with police report.
  • File IRS Form 14039 Identity Theft Affidavit and select the box that states “I am a victim of identity theft AND it is affecting my federal tax records.”
  • Contact the IRS Identity Protection Specialized Unit by phone at (800) 908-4490.
  • If an IRS Letter 5071C is received, the taxpayer’s identity may have been compromised. Recipients must verify their identities by calling the number on the letter, or by using the IRS’s online Identity Verification tool, available online at:
  • If an IRS Letter CP01A or CPO1F is received, the taxpayer has been identified as a possible identity theft victim and may request an IP PIN to further protect the taxpayer’s account from tax-related identity theft.