The Treasury Inspector General for Tax Administration (TIGTA) recently audited the Sustaining Infrastructure Program of the Internal Revenue Service (IRS) and found that, since 2013, the percentage of information technology hardware the IRS is using that is beyond its useful life has increased from 40% to its current rate of 64%. Aged hardware is more likely to fail, negatively impacting employee productivity, information security, and customer service.
The IRS Security Summit issued a warning to tax professionals about a new e-mail scam by cybercriminals posing as potential clients. Scammers are sending phishing e-mails in two parts, beginning with a standard solicitation for services followed by a second email with an embedded web address or PDF attachment with an embedded web address. When the tax professional thinks they are accessing a new client's tax information, in reality they are opening up their system for the scammer to collect personal information for illegitimate use.
Beginning October 24, 2016, the IRS will be strengthening the identity authentication process of its e-services platform. If you currently use any IRS e-services, you must re-register and validate your identity to continue having access to any e-services products. This will involve a Secure Access process to validate your identity, which includes identity proofing, financial verification and mobile phone verification. For details, click here: Important Update for Your e-services Account.
The Security Summit, a partnership between the IRS, state tax agencies, and private-sector tax industry executives, met on June 28, 2016 to review its first-year successes and strategize for 2017. The Summit focused on improving authentication procedures, information sharing, cybersecurity, and public outreach to help keep taxpayers' data and money safe.
The Internal Revenue Service (IRS) has returned its Get Transcript Online tool back into service after disabling it in Spring 2015 due to security issues. With a "more rigorous e-authentication process" in place, all users can access copies of their tax transcripts and other tax-related information through the IRS' website once more. For taxpayers who find the new, two-step authentication process difficult, the IRS continues to offer more traditional ways to request and receive such data.
On April 28, 2016, the House Ways and Means Committee voted to pass a trio of bills affecting taxpayer information. One bill requires the IRS to notify victims of identity theft and also imposes new penalties on identity thieves; another bill limits the information certain tax-exempt organizations must reveal regarding their contributors; the third bill allows the IRS to provide taxpayer information to the police to help find missing children. The three bills, respectively, are H.R. 3832; H.R. 5053; and H.R. 3209.
On April 19, 2016, Internal Revenue Service Commissioner Koskinen testified before the House Ways and Means Committee Subcommittee on Oversight regarding the 2016 filing season and data security. His testimony provided a summary of data current through the beginning of April.
The Internal Revenue Service (IRS) has issued a warning regarding yet another scam tactic criminals are using this year to steal taxpayers' personal information and refund money. The new approach involves obtaining remote access to tax preparers' computer systems. Tax professionals are strongly encouraged to review and strengthen their computer security immediately.
The Internal Reveue Service (IRS) has temporarily suspended its online Identity Protection PIN tool in order to conduct a review of the security features of the application. The IP PIN is a six-digit number taxpayers can use as "an additional layer of protection" against identity theft. As of the end of February 2016, the IRS prevented 800 cases of tax fraud using these PIN numbers.
The Internal Revenue Service has been working with the states and tax professionals to increase security for taxpayers. The IRS reminds taxpayers of scams to avoid as part of its "Dirty Dozen" series. Identity theft at tax season is the first on its list.