IP PINs Make Tax Returns More Secure

IP PINs Make Tax Returns More Secure

Six little numbers.

They could be all the difference between a happy taxpayer and someone who’s fallen victim to identity thieves.

The six numbers make up an Identity Protection Personal Identification Number, also known as an IP PIN, and they can help to keep taxpayers’ personal financial information, well, personal.

An IP PIN is a six-digit number known only to the taxpayer and the IRS, assigned to eligible taxpayers to help stop the misuse of their Social Security number or Individual Taxpayer Identification Number (ITIN). Identity thieves file fake income tax returns using these numbers to claim fraudulent refunds. 

Try Drake Tax for free! Download now!

Originally, the IP PIN was meant only for taxpayers who were known to be victims of tax-related identity theft. The program was expanded earlier this year to cover any taxpayer in the U.S. who would like the extra protection an IP PIN affords on returns filed with the IRS.

“When people have this special code, it prevents someone else from filing a tax return in their name,” said IRS Commissioner Chuck Rettig. “The fastest way to get an Identity Protection PIN is to use our online tool, but keep in mind people must pass a rigorous authentication process. We must know that the person asking for the IP PIN is who they really say they are.”

More than 5 million American taxpayers protect themselves now with an IP PIN, and the IRS recently made the process of acquiring an IP PIN easier than before.

The fastest and easiest way to get an IP PIN is online, using the IRS’ Get an IP PIN tool.

Whether the return is filed electronically or on paper, the six-digit IP PIN helps the IRS confirm that the filing taxpayer is who they say they are. The tool, at IRS.gov/ippin, provides a quick way to obtain an IP PIN; it’s also where participating taxpayers will go to get an IP PIN for the next year.

Each IP PIN is good for one year. Participating taxpayers will have to go online each January to get a new IP PIN to remain in the program.

In 2022, the Get an IP PIN tool is slated to go online January 10.

Here are some other things taxpayers need to know about the IP PIN program:

  • No identity theft affidavit is required for taxpayers opting in. This means that anyone who voluntarily applies for an IP PIN doesn’t need to file Form 14039, Identity Theft Affidavit, with the IRS.
  • Be sure to enter the IP PIN on any return, whether it is filed electronically or on paper. This includes any amended returns or returns for prior years. Doing so will help avoid processing delays or having the return rejected by the IRS.
  • Anyone with either a Social Security number (SSN) or Individual Taxpayer Identification Number (ITIN) who can verify their identity is eligible for the IP PIN opt-in program.
  • Any eligible family member can get an IP PIN. This includes the primary taxpayer (the person listed first on a tax return), the secondary taxpayer (on a joint return, the person listed second on the return) or any of their dependents.
  • With one key exception, never reveal an IP PIN to anyone. The only exception is a taxpayer who uses a trusted tax professional to file their return. Even then, only share the IP PIN with the trusted tax pro when it is time to sign and submit the return. The IRS will never ask for an IP PIN. Remember to watch out: Phone calls, emails and texts requesting an IP PIN are scams.
  • Identity theft victims should still fill out an ID theft affidavit. This means that any confirmed victim of tax-related identity theft still needs to file Form 14039 with the IRS if their e-filed tax return was rejected by the agency due to a duplicate SSN filing. The IRS will then investigate their case. Once the fraudulent tax return is removed from their account, the IRS will automatically mail an IP PIN to the confirmed victim at the start of the next calendar year. Because of security risks, confirmed identity theft victims cannot opt out of the IP PIN program.

Can’t pass the online authentication process?

Taxpayers who cannot pass the IRS online identity authentication process have a couple of options. One option is to file Form 15227. For the 2022 processing year, those taxpayers with an adjusted gross income of $73,000 or less (or an AGI of $146,000 or less for married filing jointly) can fill out Form 15227 and then either mail or fax it to the IRS.

The taxpayer needs access to a telephone, since the IRS representative will call the taxpayer to verify their identity. Note that this option is slower than the online tool, since it will take about a month for successful IP PIN applicants to actually receive their PIN.

The second option involves making an appointment with an IRS Taxpayer Assistance Center, or TAC. Taxpayers using this option should bring two forms of picture identification to the TAC appointment. Successful applicants will have their IP PIN mailed to them immediately after their visit; however, the IRS suggests allowing three weeks for delivery.

To find a local TAC, use the IRS Local Office Locator online tool or call 844-545-5640.

This is National Tax Security Awareness Week, which is sponsored by the Security Summit, a partnership between the IRS, state taxing agencies and tax-industry leaders. This alliance of public and private sectors has strengthened defenses against those criminals who would file fraudulent tax returns and steal refunds.

Source: IR-2021-238

Story provided by TaxingSubjects.com

It’s Time for a Security Checkup

It’s Time for a Security Checkup

Aside from being required by the FTC to have a written data security plan, criminals have increasingly been targeting tax professionals with phishing emails and social media messages. The pandemic—it turns out—has simply given them even more opportunities to create fraudulent government announcements.

To help prevent future tax-office data breaches, the Security Summit is recommending that tax pros review their security protocols before tax season begins. What better place to start than with the fundamentals?

Try Drake Tax for free! Download now!

What are the “Security Six?”

The IRS describes that the Security Six as “easy steps [that] can make a big difference, both for tax pros and taxpayers.” So, let’s take a look at what they recommend:

  • Use anti-virus software and set it for automatic updates to keep systems secure. This includes all digital products, computers, and mobile phones.
  • Use firewalls. Firewalls help shield computers from outside attacks but cannot protect systems in cases where users accidentally download malware, for example, from phishing email scams.
  • Use multi-factor authentication to protect all online accounts, especially tax products, cloud software providers, email providers and social media.
  • Back up sensitive files, especially client data, to secure external sources, such as external hard drive or cloud storage.
  • Encrypt data. Tax professionals should consider drive encryption products for full-drive encryption. This will encrypt all data.
  • Use a Virtual Private Network (VPN) product. As more practitioners work remotely during the pandemic, a VPN is critical for secure connections.

The IRS press release also notes that learning to identify and avoid common phishing scams is an essential step in avoiding data theft. Tax-pro-specific scams tend to have messages about expired account passwords, EFIN verification, and e-filing-related messages that appear to come from the IRS.

What should I do if I receive a phishing email or social media message?

First, never open an email or social media message that you suspect is a phishing scam. If you accidentally open the email, make sure you don’t click on any attachments or embedded links, since they could lead to a fake website or contain information-stealing malware or ransomware.

If you think you’ve received a tax-related phishing scam, be sure to report it to the IRS and TIGTA. That way, they can add it to their database of current scams and warn other tax professionals and taxpayers about it.

Remember, when it comes to data security, we’re all in this together.

Where can I find a sample tax office security plan?

In addition to reviewing these basic tips, you can check out the Drake Software Tax Office Security Plan. This sample security is composed of a series of worksheets that address common security-related issues, like classifying stored information, identifying threats, and prioritizing potential issues.

Visit our “Easy Steps to Create Your Mandatory Tax Office Security Plan (SAMPLE INCLUDED!)” blog to download a free copy.

Source: IR-2021-239

Story provided by TaxingSubjects.com

Don’t Fall for Fake Charities

Don't Fall for Fake Charities

With the passage of Thanksgiving, Americans are shifting into gifting mode. For many, that means giving a holiday monetary gift to a well-deserving charity of one sort or another.

Unfortunately, scammers can use this noble intention to enrich themselves through fake charities. While the scammers’ main prize is money, they also can use the fake charity platform to download the taxpayer’s sensitive personal and financial information.

Merry Christmas indeed.

To help combat these thieves, the Internal Revenue Service wants taxpayers to know just who they’re giving to, and how to access that information.

The bright side of this warning is that much of this fake philanthropy can be avoided. The Security Summit, which is made up of representatives from state tax agencies, the nation’s tax community and the IRS, says the easiest and most effective way to be sure a charity is legitimate is to use the IRS’ Tax Exempt Organization Search Tool.

The IRS maintains a database of all federally recognized tax-exempt organizations. Using the online tool to check out a charity may be as simple as entering the charity’s name in the tool and seeing if it comes back as legitimate.

If a charity isn’t on the list of recognized organizations, donations to that organization can’t be tax-deductible. At worst, the charity could be a scam.

‘Tis the season for scammers

The Christmas holiday season can be one long payday for scammers. Between holiday shopping, the coming tax season and the pandemic, scammers have numerous opportunities to steal what were supposed to be charitable donations or highjack personal information.

The Security Summit members warn taxpayers to be especially careful this time of year when shopping online or viewing emails or texts.

Scammers will stop at nothing to get into a taxpayer’s wallet, setting up bogus organizations to take advantage of the public’s generosity. They use tragedies and disasters to appeal to taxpayers’ desire to help others.

Scammers also use phone calls

Some scammers us the telephone to advance their phony charities; those seeking donations for disaster relief are especially common over the phone. As with online charities, taxpayers should check out the charity before they donate, and should never feel pressured to give right away.

No matter what the charity, no matter whether the appeal is made online or by phone, here are the best ways to avoid being scammed by a fake charity:

  • Individuals should never let any caller pressure them. A legitimate charity will be happy to get a donation at any time, so there’s no rush. Donors are encouraged to take time to do their own research.
  • Confirm the charity is real. Potential donors should ask the fundraiser for the charity’s exact name, website and mailing address so they can confirm it later. Some dishonest telemarketers use names that sound like well-known charities to confuse people.
  • Be careful about how a donation is made. Taxpayers shouldn’t work with charities that ask for donations by giving numbers from a gift card or by wiring money. That’s a scam. It’s safest to pay by credit card or check –– and only after researching the charity.

This is National Tax Security Awareness Week. The IRS and its Security Summit partners issued this alert to help taxpayers guard themselves against identity theft and the theft of sensitive tax information—all are methods used to file fake tax returns and obtain bogus refunds.

For more information on the Security Summit and identity theft, see IRS.gov/securitysummit for details.

Source: IR-2021-237

Story provided by TaxingSubjects.com

IRS Notices CP08 and CP09

IRS Notices CP08 and CP09

Now that the IRS is putting the wraps on the last installment of the Advance Child Tax Credit payments for 2021, some taxpayers who didn’t apply for other credits might get a reminder to do a little extra checking.

For some taxpayers, these notices may be the gateway to an additional refund from the IRS.

Taxpayers could get one or both of two possible notices—either a CP08 or a CP09, depending on their circumstances—and they may not understand why they suddenly got a letter from the IRS out of the blue.

Here’s a brief rundown.

Understanding the CP08 Notice

Both notices could be considered a reminder of sorts, dealing with IRS tax credits. The CP08 notice is for taxpayers who may qualify for the Additional Child Tax Credit and could be eligible to receive additional money.

This notice urges taxpayers to read its instructions carefully and to fill out the Additional Child Tax Credit worksheet that’s attached to Form 15110.

If the worksheet verifies that the taxpayer has at least one qualifying child, the taxpayer should sign and date the Form 15110 and fill out Form 1040 Schedule 8812, Additional Child Tax Credit.

The Form 15110 and the Schedule 882 should be mailed to the IRS in the provided envelope.

If the envelope that’s provided is lost or otherwise cannot be used, the address for the correct IRS service center is printed in the top left corner of the notice. 

Once mailed, the documents go to the IRS for review. Taxpayers who successfully claim the credit should get their refunds in about eight to 10 weeks. Those who are denied will get a letter from the IRS telling them why they were turned down.

To find more information about the Additional Child Tax Credit, see Publication 972, the Child Tax Credit and Credit for Other Dependents; and the Instructions for Form 1040.

Understanding the CP09 Notice

The CP09 notice reminds taxpayers they may qualify for the Earned Income Tax Credit, also known as the EITC, but they failed to claim the credit the last time they filed a return.

The EITC is a credit for taxpayers who work and have earned income. The credit could give some taxpayers a refund, even if they don’t owe any tax.

After reading this notice carefully, recipient taxpayers should fill out the Earned Income Tax Credit worksheet on Form 15111 that accompanies the notice.

If the worksheet shows the taxpayer is qualified for the credit, Form 15111 should be signed and dated, then mailed in the envelope that came with the notice. Like the CP08 notice, the CP09 notice must be sent to the proper IRS processing center.

If the provided envelope isn’t available, taxpayers should mail their completed documents to the IRS address in the top left of their notice.

Taxpayers who are not qualified for the credit should not mail Form 15111 to the IRS; no other action is needed in that case.

Taxpayers who are eligible after review for the credit should get their refund checks in about six to eight weeks, if they don’t owe any back taxes or other debts that the IRS is required to collect.

Taxpayers who are rejected by the IRS review are sent letters of explanation.

For more information on the Earned Income Credit, see Publication 596, Earned Income Credit, or visit the EITC webpage on IRS.gov.

Sources: Understanding Your CP08 Notice; Understanding Your CP09 Notice

Story provided by TaxingSubjects.com

Stay Safe on Cyber Monday

Stay Safe on Cyber Monday

Cyber Monday traditionally closes out the busiest holiday shopping weekend of the year, which sees Americans swarming stores and crawling websites for post-Thanksgiving sales. Despite predictions of fewer in-person shoppers and eye-popping deals, there’s no doubt that consumers want to get the best bang for their buck.  

Unfortunately, that laser-like focus puts Americans at risk of falling victim to the myriad phishing scams deployed this time of year. After all, people are even more likely to click on unsolicited sale emails and web ads when they’re desperately trying to track down The Perfect Gift™.

To help combat these holiday scams, the Security Summit is kicking off this year’s National Tax Security Awareness Week with ten tips for keeping your information out of criminals’ hands on Cyber Monday (and beyond).

What is the Security Summit?

The Security Summit is an organization composed of the Internal Revenue Service, state departments of revenue, and private members of the tax industry. They provide data-security recommendations and raise awareness of tax-based scams and threats.

What is National Tax Security Awareness Week?

National Tax Security Awareness Week is the Summit’s annual data security awareness campaign. For six years, they have promoted data security tips and highlighted phishing scams in an effort to combat identity theft tax refund fraud and other online data theft crimes.    

How do I safely shop on Cyber Monday?

The Summit recommends taxpayers do these ten things to prevent data theft:

  • Don’t forget to use security software for computers, tablets and mobile phones – and keep it updated. Protect electronic devices of family members, especially teens and young children.
  • Make sure anti-virus software for computers has a feature to stop malware, and there is a firewall enabled that can prevent intrusions.
  • Phishing scams – like imposter emails, calls and texts — are the No. 1 way thieves steal personal data. Don’t open links or attachments on suspicious emails. This year, fraud scams related to COVID-19, Economic Impact Payments and other tax law changes are common.
  • Use strong and unique passwords for online accounts. Use a phrase or series of words that can be easily remembered or use a password manager.
  • Use multi-factor authentication whenever possible. Many email providers and social media sites offer this feature. It helps prevent thieves from easily hacking accounts.
  • Shop at sites where the web address begins with “https” – the “s” is for secure communications over the computer network. Also, look for the “padlock” icon in the browser window.
  • Don’t shop on unsecured public Wi-Fi in places like a mall. Remember, thieves can eavesdrop.
  • At home, secure home Wi-Fi with a password. With more homes connected to the web, secured systems become more important, from wireless printers, wireless door locks to wireless thermometers. These can be access points for identity thieves.
  • Back up files on computers and mobile phones. A cloud service or an external hard drive can be used to copy information from computers or phones – providing an important place to recover financial or tax data.
  • Working from home? Consider creating a virtual private network (VPN) to securely connect to your workplace.

While many of these tips are straightforward, two can be a little trickier to follow: knowing how to deal with phishing scams and getting a reputable VPN.

When it comes to avoiding phishing scams, here are three general tips:

  • Don’t open unsolicited emails or social media messages.
  • Don’t click links in emails, social media messages, or website ads.
  • Don’t assume the sender name on emails and social media messages is who actually sent the message—criminals can and will impersonate or take over individual and business accounts.

Remember, if something seems too good to be true, it probably is. Instead of following links in emails or social messages, visit the company’s website directly.

As for finding a VPN that’s a good fit for your office, check out the “Working Virtually: Use a virtual private network to secure remote locations; Part 3 of Security Summit tips for tax professionals” press release.

Where can I find additional data-security resources?

The IRS closed their press release with links to the following resources:

What will the Security Summit cover next?

Tomorrow, the Security Summit has tips for avoiding fake charity scams—just in time for Giving Tuesday!

Sources: IR-2021-233; IR-2021-236

Story provided by TaxingSubjects.com