WASHINGTON – Amid threats from cybercriminals, the IRS, state tax agencies and the tax industry urged employers large and small to step up cybersecurity protections against business identity theft.
Identity thieves are displaying a sophisticated knowledge of the tax code and industry filing practices as they attempt to obtain valuable data to help file fraudulent returns. To address this and protect taxpayers and their business returns, the IRS has taken steps to identify and prevent business identity theft.
“As the IRS and the Security Summit partners have strengthened our protections against tax-related identity theft, cybercriminals increasingly look for other places to find data to file fraudulent returns,” said IRS Commissioner Chuck Rettig. “We urge businesses to protect their data and watch out for warning signs that could be indicators of identity theft or fraudulent filings.”
Awareness about business identity theft is one in a series of tips offered by the Internal Revenue Service, state tax agencies and tax industry, which partner as the Security Summit to protect taxpayers. The Security Summit is marking its fourth National Tax Security Awareness Week by urging employers that they, too, can be victims of identity theft.
The week continues through tomorrow with a series of special educational efforts taking place at more than 25 partner events across the country to raise awareness about protecting taxpayers and tax professionals from identity theft. The week includes special social media efforts on platforms including Twitter and Instagram, including a special Twitter chat on @IRSnews and #TaxSecurity today.
As with fraudulent individual returns, there are certain signs that may indicate identity theft has occurred to businesses. Business, partnerships and estate and trust filers should be alert to potential identity theft and contact the IRS if they experience any of these issues:
- Extension to file requests are rejected because a tax return with the Employer Identification Number (EIN) or Social Security number (SSN) is already on file.
- An e-filed return is rejected because of a duplicate EIN or SSN is already on file with the IRS.
- An unexpected receipt of a tax transcript or IRS notice that doesn’t correspond to anything submitted by the filer.
- Failure to receive expected and routine correspondence from the IRS because the thief has changed the address.
For several years, the IRS has taken steps to help protect Form 1120-series filers, and the Security Summit effort is part of that. For example, tax software products now share many data elements with the IRS and state tax agencies. These data elements assist the IRS and states to identify suspicious tax returns and to reduce the impact to legitimate filers. This will allow legitimate returns to be processed as usual.
The IRS also now asks tax professionals preparing business-related returns to step up the “trusted customer” procedures. Tax preparation software for business-related returns asks the following questions to help protect the business filer:
- The name and SSN of the company executive authorized to sign the corporate tax return, including Form 1065. Is this person authorized to sign the return?
- Payment history – Were estimated tax payments made?
- Total income amount from prior-year filings.
- Parent company information – Is there a parent company? If yes, the name?
- Additional information based on deductions claimed.
- Filing history.
The IRS, state tax agencies and tax industry work in partnership as the Security Summit to help protect taxpayers from identity theft and refund fraud. This is the fourth in a week-long series of tips to raise awareness about identity theft. See IRS.gov/SecuritySummit for details.