FTC-IRS campaign aims to reduce most common form of ID theft: Internet Scambusters #579
Phishing and ID theft, the top rankers in our annual scams chart, are now so prevalent that even the price of stolen credentials is falling in the criminal underworld -- there's so many of them.
And the IRS is so worried about the implications that, along with the FTC, it's launching Tax Identity Theft Awareness Week this week.
We have the details on how you can make the most of this in this week's issue, along with details of the simplest phishing trick of them all.
Now, here we go...
ID Theft Glut Threatens Taxpayers
Twelve million Americans are hit by ID theft every year.
The crime has reached such epidemic proportions that the criminal underworld is awash with stolen credit card numbers and other personal information.
According to a new study by Dell SecureWorks, prices for stolen IDs have dropped by around a third during the past couple of years, costing just $25 for an American victim's details.
Worse, an individual's credit card number alone costs just $4.
If they're prepared to pay more, crooks can actually buy details of specific bank accounts that contain more than $70,000.
One of the main reasons for the glut has been the large-scale hacking of corporate databases in which thousands -- or even millions in some cases -- of records are stolen in a single swoop.
But ID thieves also still use traditional phishing techniques in which they trick victims into giving away their details in the belief that they're dealing with a legitimate site or organization.
We recently came across reports of what must rank as one of the simplest phishing tricks of all.
Crooks simply set up a website and fill it with interesting stuff -- it could be for anything, a popular game for instance -- and invite visitors to register.
They then try the user names and passwords on other sites in hopes that their victims have used the same ones elsewhere.
If ever there was proof of the importance of having a different password for each site, this is it.
For more information on setting passwords, check out this earlier issue, Get Tough With Computer Passwords and Secret Questions.
One area where identify theft is rife, and is costing the nation billions of dollars, is the IRS.
A recent report from the US Treasury Inspector General for Tax Administration said that stolen Employer Identification Numbers (EINs) alone cost more than $2.25 billion a year.
And that's only a fraction of how much the IRS pays out in bogus refunds claimed by crooks using stolen IDs that including Social Security numbers (SSNs).
Against this background, the IRS has teamed up with the Federal Trade Commission to make this week (January 13 to 17) Tax Identity Theft Awareness Week.
"Tax identity theft is the most common form of identity theft reported to the FTC," says the Commission. "It happens when someone files a phony tax return using your personal information -- like your Social Security number -- to get a refund from the IRS.
"Tax identity theft also happens when someone uses your Social Security number to get a job or claims your child as a dependent on a tax return."
One way crooks get their hands on these details is by sending emails, pretending to be from the IRS, asking for personal information.
But it's not the only way. The thieves may rifle through your trash, or dishonest employees at other organizations that hold your confidential information may simply steal and sell it.
Even dishonest tax preparers may pass your information to identify thieves.
You can reduce the risk of being a tax ID theft victim, says the FTC by:
- Filing your return as early as possible -- to get in ahead of the crooks.
- If you file electronically, doing so from a secure connection (like your home) not a public place.
- Shredding all your calculation sheets and other unneeded documents when you're done.
- Knowing the IRS won't ask for personal information by email or other electronic messages. They'll write a proper letter if they need to.
- Avoiding disclosing your SSN or Medicare number to anyone, where possible. If you must give it, find out why, how it will be used and how it will be stored.
Even so, it's not always possible to prevent the loss of your information. So the next best thing is to know when it's happened.
This week's campaign includes a national webinar to help people spot ID theft clues.
The teach-in will be streamed in both English and Spanish (at 1:30pm and 3:30pm respectively) on January 15.
(At the time of this writing, the FTC had not published the link to the webinar site but you should be able to get details now from the Tax Identity Theft Awareness Week Consumer Information page.)
If you're a blogger, article writer or involved in any kind of community activity where you can publicize this crime and this week's events, the FTC has a lot of downloadable material including flyers and sample articles.
Use the link we gave for the webinars to access these.
Finally, it's worth knowing that the IRS has a special investigation unit to deal with tax ID theft.
If you think you may be a victim, contact them at 1-800-908-4490. You can also find more information at the IRS Identity Protection page.
As you know, we always ask readers to pass their Scambusters newsletter on to others.
By doing that this week, you may be help them avoid becoming a victim of tax ID theft.
That's it for today -- we hope you enjoy your week!