Published February 04, 2013
The Internal Revenue Service began accepting 2012 tax returns this week, sending thousands of individual taxpayers and tax professionals to their computers to fill out forms and then e-file them.
You, however, are an electronic tax-filing holdout. You've heard the reports about all the tax-related identity theft. So you're still sending Uncle Sam your tax data on paper.
You might want to reconsider.
Yes, tax-time identity theft is a growing problem. A Government Accountability Office, or GAO, investigation last fall found that as of Sept. 30, 2012, the IRS had identified almost 642,000 incidents of identity theft.
Worse, according to the GAO, the IRS does not know the full extent of tax-filing ID theft. While the agency keeps count of the occurrences it discovers, it does not estimate the number of identity theft cases that go undetected.
Worst, the ID thieves are getting away with it. Unless the IRS pursues a criminal investigation, says the GAO, the feds generally do not know the real identity of the thieves.
But while the identity thieves do e-file fraudulent returns using stolen information from real taxpayers, the security breach that allowed them to get the info generally doesn't come from the e-filing system.
"For the most part, there is not substantially more risk for e-filing," says Denis G. Kelly, president of IDCuffs.com, an identity theft prevention and protection company. "In fact, when the check-clearing process was changed from physical checks to digital checks, the percentage of fraud decreased. The consensus for this decrease is the number of eyes that see checks in the process was significantly reduced."
So those thieving eyes get your tax and personal financial information from other sources and then use it to file a fake tax return in your name, usually tweaking the numbers to get a large refund.
And you, the taxpayer whose ID has been stolen, don't find out about it until you file your own 1040 and are told by the IRS that they already sent you your refund.
Jay Foley, a partner at ID Theft Info Source in San Diego, says a major problem is where a taxpayer's personal data is stored.
Reports of former tax preparation firm employees stealing client data is not uncommon, says Foley. "If I were an identity thief, I'd find a CPA office, steal a copy of his files and dummy up tax returns and shoot them through before his clients file. Tax thieves will shoot off a thousand returns. If they only get 200 back as fraudulent refunds, that's great. That's still 200 more than they had to begin with."
So what can you do to prevent tax-related identity theft? The same thing, say security experts at TrustedID, that you do at nontax time:
Don't talk to strangers. File your taxes with a reputable tax professional or use legitimate tax prep software programs.
Don't fall for phishing schemes. The IRS does not initiate communications with taxpayers via email or phone. So that urgent email message about a possible refund is probably a scam.
Do update your computer spyware and firewall. If you do open a malicious email, it could protect you from malware designed to steal your personal information.
Go ahead and e-file, and soon.
"An argument could be made that e-filing actually decreases the rate of tax identity theft," says Kelly, in part because it reduces the number of possible criminals who handle your return and see your personal data.
Plus, says Kelly, "the absolute best tactic to prevent a criminal from stealing your tax refund is to file before them."
Want the latest news on taxes, tax reform prospects, filing deadlines, Internal Revenue Service alerts and tax-saving tips? Subscribe to Bankrate's free Daily Tax Tip newsletter, our Weekly Tax Tip newsletter or, if you're a true tax geek, both!
You also can follow me on Twitter @taxtweet.
Bankrate wants to hear from you and encourages comments. We ask that you stay on topic, respect other people's opinions, and avoid profanity, offensive statements, and illegal content. Please keep in mind that we reserve the right to (but are not obligated to) edit or delete your comments. Please avoid posting private or confidential information, and also keep in mind that anything you post may be disclosed, published, transmitted or reused.