guest commentary by David Potts
David Potts is a certified public accountant with more than 25 years experience. Although every effort is made to provide you accurate and timely tax information, it is general in nature and not specific to your facts and circumstances. Consult a qualified tax professional to discuss your particular case.
Feel free to e-mail topic suggestions or questions to firstname.lastname@example.org
Give me your name, address, birth date, and Social Security number and I can become you. That is identity theft. If I can get your credit card or your bank account number, I can then have a payday.
Everybody knows about identity theft. That’s why I’m amazed how loose most people are with their personal information. Facebook encourages you to disclose all your personal information except for your Social Security number and people willingly provide this information. The only reason Google+ doesn’t ask for your Social Security number is because they probably already have it. It seems that unless you’ve been a victim of identity theft, it’s not a great concern.
Consider this: most people either fear or respect the IRS, yet identity theft has become a significant problem the IRS must deal with.
Last week I was perusing the “Written Testimony of Beth Tucker, Deputy Commissioner for Operations Support, Internal Revenue Service, Before the House Committee on the Oversight and Government Reform, Subcommittee on Government Organization, Efficiency and Financial Management on Identity Theft on November 29, 2012.” She was writing on the successes the IRS has had in preventing identity theft within the IRS. I was most impressed with the length of the document’s title.
A couple successes that Tucker identified were:
• “On September 21, 2012, and Arizona woman was sentenced to 36 months in prison and ordered to pay $386,938 in restitution on charges related to her involvement in a conspiracy to commit identity theft. The defendant utilized stolen identities to file 180 tax returns to falsely claim more than $1 million in tax refunds. The defendant concealed the fraud by filing the tax returns electronically using the unsecured wireless networks of neighbors, directing the refunds to prepaid debit card accounts obtained using false identities, and recruiting friends and associates to receive the prepaid debit cards by mail at various addresses.”
• “We expanded the use of our list of prisoners to better stop the processing of problematic returns.” [I never knew prisoners were taxpayers. But then that’s not my target market. I wonder if they use Turbo Tax?] “In fiscal year 2012, we stopped over 220,000 fraudulent returns filed by prisoners. This represents over 2.5 billion in refunds stopped, a more than 10% increase over last fiscal year.”
That same day Tucker filed her written testimony, Nov. 29, 2012, the United States Government Accountability Office released a report titled "Identity Theft; Total Extent of Refund Fraud Using Stolen Identities is Unknown."
Just so there is no confusion, I’m not inferring the IRS is incompetent. The IRS is very competent, both in processing millions of tax returns annually and in keeping sensitive information private. I’m using the IRS as an example to illustrate there are crooks out there with no fear of getting caught. I personally would be afraid to screw with the IRS. I’m betting that using identify theft to steal is a safe profession.
So where did that Arizona woman get a hold of 180 stolen taxpayer identities? And in this particular case I don’t know the answer, but I recently read that one of the most common sources of identity theft is a company’s personnel files. That makes me wonder how many businesses are contributing, although inadvertently, to the success of identity thieves?
I work with businesses every day. It’s common to see QuickBooks files without passwords; people throwing documents with somebody’s personal information in the trash when that document should have been shred; or filing sensitive personnel or customer information in unlocked cabinets or desk drawers. These actions are not intentional or the result of gross negligence. What is missing is the awareness of the possible injury to a customer or employee if personal information is not kept secure.
As the custodian of sensitive personal information, are you protecting your employees and customers from harm? You may not be the victim of identity theft anytime soon, but you could be a contributing cause.