When filling out FAFSA forms, people tend to use the Data Retrieval Tool to import tax information from the IRS and automatically populate the application with those details. this past fall, it was discovered that attackers could possibly take advantage of this tool, and they might use the stolen data to file fraudulent tax returns and steal refunds. Despite this possible threat, the tool remained available because up to 15 million people utilized it.
The Data Retrieval Tool was shut down in March after an unusual amount of uncompleted forms were discovered - a sign of an attack. Hackers posed as students by obtaining personal information outside the tax system and used the tool to access tax returns. the data gained from these returns were used to file for tax returns. Questionable tax returns were filed by people who had used the tool, and those returns have already been stopped. Though, the IRS suspects about 8,000 fraudulent returns were filed, processed, and refunded for a total of $30 million.
The shutdown also affects those applying for an income-driven repayment plan. Those applying for an income-driven repayment plan should submit alternative documentation of income to their federal loan services after they complete and submit the online application. The process of submitting alternative documentation of income is explained as a part of the online application.
While the Data Retrieval Tool is unavailable, the applications are still available and operable. The information needed to complete the FAFSA or the income-driven repayment plan can be found on the 2015 tax return. If one is not available, you may obtain a transcript through Get Transcript Online. If you also need access to your credit report, follow the steps provided by the Federal Trade Commission to acquire a free copy.
The extend of the breach is unknown, but the IRS is in the process of contacting 100,000 taxpayers to inform them their data may have been compromised. So far, they have sent out 35,000 letters to potential victims. If you have used the Data Retrieval Tool this year and have not received a letter, be sure to reach out to the IRS to make sure no fraudulent returns were filed under your name.
If you have been notified, contact one of the three Credit Reporting agencies: Transunion, Equifax, or Experian. Notify your bank and credit card companies of what has happened. If you do online banking or manage your credit card accounts online, place alerts on each account so you'll be notified of any transaction. Also, visit IdentityTheft.gov for any further assistance you may need.
The IRS is planning to launch a more secure version of the tool for the next application cycle in October.
For more information on the Data Retrieval Tool shut down, please visit The New York Times and the U.S. Department of Education.
While the IRS Impersonation Phone Calls still manage to trick people into handing over their personal information, scammers have found other phone call methods to utilize. These are:
The “Federal Student Tax”:
Scammers impersonating the IRS try and contact students to convince them they must pay the “federal student tax,” even past the tax deadline. If the victim does not cooperate, they are threatened to be reported to the police.
The IRS will not call to demand an immediate payment over the phone, nor will they threaten to bring in law enforcement. They also won’t call about taxes owed without having mailed a bill first.
“Verifying” Tax Return Information on the Phone:
The scam artist will call saying they have your tax return, and they need to verify a few details to process the return. This scam attempts to try and give up personal information such as your Social Security Number or financial information.
The IRS does not ask for any sensitive information over the phone such as your Social Security Number, credit card information, or bank information.
As time moves on, scammers are aware they can’t always rely on the same tactics to get ahold of the information they want. Their goal is to try and catch people off guard, and to do that some of their approaches must change. A couple of these methods are:
Official looking emails are sent to trick taxpayers into thinking they are official communications from the IRS or others in the tax industry, such as the Taxpayer Advocacy Panel (TAP). These schemes can ask their potential victims a wide range of topics such as information relating to refunds, filing status, confirming personal information, ordering transcripts, and verifying PIN information. When the links are clicked on, the person is taken to sites that are designed to appear like an official website. These sites ask for their personal information. Not only will the victim’s information be stolen, but these sites also may carry malware. A variation of this scheme is sent via text message.
The IRS won’t send emails or texts to contact taxpayers about tax issues. If you’re questioning whether or not it was sent by the IRS or another organization, examine the link before clicking on it.
False CP2000 Notice Related to the Affordable Care Act:
Scammers are taking advantage of the confusion about Obamacare by sending out these false notices. These fake documents are included in an email attachment. In addition to the “payment” link in the email, the fake CP2000 includes a payment request that the taxpayer must mail a check made out to “I.R.S” to the “Austin Processing Center.” The actual form is not a bill and only informs taxpayers of the proposed adjustments the IRS wants to make. Also, those who want to see if their notice is legitimate, they can visit: https://www.irs.gov/individuals/understanding-your-cp2000-notice
Application forms, procedures and additional information
There are many ways to experience
St. Bonaventure for yourself
Learn more about the programs that interest you