Industry News

IRS Paid $4 Billion to Fraudsters in Tax Refunds

The US Internal Revenue Service (IRS) paid approximately $4 billion in fraudulent tax refunds to identity thieves, as showed in the 2013 report by the Treasury Inspector General’s office. Fraudsters stole Social Security numbers and identification data from the innocent and used it to file tax refund claims at addresses in Bulgaria, Lithuania and Ireland.

In the US, top fraudulent destinations include Miami, Chicago, Detroit, Atlanta and Houston.

“Identity theft continues to be a serious problem with devastating consequences for taxpayers and an enormous impact on tax administration,” said J. Russell George, the Treasury’s inspector general for tax administration. The fraud “erodes taxpayer confidence in the federal tax system.”

Security researcher Brian Krebs writes that the data needed for such fraud can be found in underground “shops” where crooks purchase lists of people’s identification data, including first and last name, e-mail address and password, physical address, phone number, date of birth and Social Security number. Such a forum can sell data from tens of thousands to millions of Americans.

US citizens who think they might have fallen victim to an identity theft or work with a company that reported a security breach should contact the Identity Protection Specialized Unit of IRS toll-free at 1-800-908-4490 and let them know of the suspicion.

Another protection step would be applying for a taxpayer-specific PIN that will be required anytime a tax related claim is filed. To apply for such a PIN, people should check the IRS’s dedicated webpage here.

Further information on how to protect your identity and avoid tax fraud is provided by the Federal Trade Commission homepage.

About the author


A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.

1 Comment

Click here to post a comment
  • Inadmisibil!
    Bulgaria si Lituania Ok, dar cum de lipseste Romania?
    Acum serios vorbind, inteleg ca IRS a fost fraudat, facut sa plateasca retrunari false, dar cum e posibil “la adrese din Bulgaria, irlanda, Lituania”?!
    Ce treaba are fiscul american cu cetateni straini?
    Si la noi au fost multe zeci de milioane de Euro returnari false de TVA, dar nu au fost facute “la adrese sin SUA< Japonia, etc"
    Cum este posibil?