IRS: Top 10 things every taxpayer should know about identity theft

As part of a look at the impact of identity theft and the Internal Revenue Service, watchdogs at the Government Accountability Office issued the IRS' top 10 list of identity theft information everyone should be aware of. Some of the information is obvious, perhaps, but overall even the basics of security were followed in many cases the impact of identity theft could be reduced.

From the GAO: In 2010 alone, IRS identified more than 245,000 identity theft incidents that affected the tax system. The hundreds of thousands of taxpayers with tax problems caused by identity theft represent a small percentage of the expected 140 million individual returns filed, but for those affected, the problems can be quite serious.

MORE ON CYBERCRIME: FBI: Internet crime high; types of misdeeds changing

"The IRS provides taxpayers with targeted information to increase their awareness of identity theft, tips and suggestions for safeguarding taxpayers' personal information, and information to help them better understand tax administration issues related to identity theft," the GAO states.

The list:

1. The IRS does not initiate contact with a taxpayer by email.

2. If you receive a scam email claiming to be from the IRS, forward it to the IRS at

3. Identity thieves get your personal information by many different means, including:

● stealing your wallet or purse;

● posing as someone who needs information about you through a phone call or email;

● looking through your trash for personal information;

● accessing information you provide to an unsecured Internet site.

4. If you discover a website that claims to be the IRS but does not begin with "," forward that link to the IRS at

5. To learn how to identify a secure website, visit the Federal Trade Commission at

6. If your Social Security number is stolen, another individual may use it to get a job. That person's employer may then report income earned to the IRS using your Social Security number, thus making it appear that you did not report all of your income on your tax return.

7. Your identity may have been stolen if a letter from the IRS indicates more than one tax return was filed for you or the letter states you received wages from an employer you don't know. If you receive such a letter from the IRS, leading you to believe your identity has been stolen, respond immediately to the name, address or phone number on the IRS notice.

8. If your tax records are not currently affected by identity theft, but you believe you may be at risk due to a lost wallet, questionable credit card activity or credit report, you need to provide the IRS with proof of your identity. You should submit a copy of your valid government-issued identification -- such as a Social Security card, driver's license or passport -- along with a copy of a police report and/or a completed Form 14039, Identity Theft Affidavit. As an option, you can also contact the IRS Identity Protection Specialized Unit, toll-free at 800-908-4490. You should also follow FTC guidance for reporting identity theft at

9. Show your Social Security card to your employer when you start a job or to your financial institution for tax reporting purposes. Do not routinely carry your card or other documents that display your Social Security number.

10. For more information about identity theft -- including information about how to report identity theft, phishing and related fraudulent activity -- visit the IRS Identity Theft and Your Tax Records Page, which you can find by searching "Identity Theft" on the home page.

Follow Michael Cooney on Twitter: nwwlayer8

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags IRSsecuritylegalgovernmentindustry verticalsIdentity fraud / theftcybercrime

More about FBIFederal Trade CommissionFTCInternal Revenue ServiceIRSIRSLAN

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Michael Cooney

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place