In the World Wide Web, there is a part of it that is only accessible by means of special software, which allows users and website operators to remain anonymous or untraceable. That place is known as the dark web.
A cybersecurity firm called Carbon Black, released a report in April about the growing threat of obtaining inexpensive tax identity information through the dark web. Here’s what they found:
- W-2’s and 1040’s are available at a relatively low cost, ranging from $1.04 to $52. Names, social security numbers and birthdates can be obtained for a range of $.019 to $62.
- • For $1,000, a relatively inexperienced hacker can purchase authenticated access to a U.S.-based bank account, file a false tax return, claim the IRS refund and cash out via a cryptocurrency exchange for a 100+% return on investment.
- • How-to guides for cashing out other people’s tax returns are available for around $5 but one offer, claiming to be the most comprehensive guide for tax refund cash out was listed for $70.
- • A hacker can now provide stolen/purchased identity information (Name, DOB, SSN, etc.) and receive an original image of some person holding a forged passport with matching picture/information and scans of the forged identity documents.
In an article from Bleeping Computer, a summary of the report said:
“Financial and social security identity theft services are becoming more and more affordable every year on the dark web, leading to a drop in the skill level required for tax fraud schemes. This means that even the most inexperienced cybercriminals can now quickly whip up a whole new identity with just a couple of mouse clicks. It is just as easy for a crook to get his hands on the documents and credential needed for running a successful tax identity theft campaign these days as is for someone to order a pizza using a food delivery service.”
Although the IRS is taking steps to identify and stop tax fraud, there are ways that the taxpayer can take to minimize the chances of identity theft:
- • Protect your data by limiting the places your information is stored;
- • Only use secure, encrypted transfer methods when possible;
- • Never click on a link sent to you in an email, always go to the actual website;
- • If you see a small charge on your credit card that you did not make, contact your credit card issuer immediately;
- • Review your credit report annually.