Insight

Businesses aren’t immune to tax identity theft

Tax identity theft may seem like a problem only for individual taxpayers. But, according to the IRS, increasingly businesses are also becoming victims. And identity thieves have become more sophisticated, knowing filing practices, the tax code and the best ways to get valuable data.

How it works

In tax identity theft, a taxpayer’s identifying information (such as Social Security number) is used to fraudulently obtain a refund or commit other crimes. Business tax identity theft occurs when a criminal uses the identifying information of a business to obtain tax benefits or to enable individual tax identity theft schemes.

For example, a thief could use an Employer Identification Number (EIN) to file a fraudulent business tax return and claim a refund. Or a fraudster may report income and withholding for fake employees on false W-2 forms. Then, he or she can file fraudulent individual tax returns for these “employees” to claim refunds.

The consequences can include significant dollar amounts, lost time sorting out the mess and damage to your reputation.

Red flags

There are some red flags that indicate possible tax identity theft. For example, your business’s identity may have been compromised if:

  • Your business doesn’t receive expected or routine mailings from the IRS,
  • You receive an IRS notice that doesn’t relate to anything your business submitted, that’s about fictitious employees or that’s related to a defunct, closed or dormant business after all account balances have been paid,
  • The IRS rejects an e-filed return or an extension-to-file request, saying it already has a return with that identification number — or the IRS accepts it as an amended return,
  • You receive an IRS letter stating that more than one tax return has been filed in your business’s name, or
  • You receive a notice from the IRS that you have a balance due when you haven’t yet filed a return.

Keep in mind, though, that some of these could be the result of a simple error, such as an inadvertent transposition of numbers. Nevertheless, you should contact the IRS immediately if you receive any notices or letters from the agency that you believe might indicate that someone has fraudulently used your Employer Identification Number.

Prevention tips

Businesses should take steps such as the following to protect their own information as well as that of their employees:

  • Provide training to accounting, human resources and other employees to educate them on the latest tax fraud schemes and how to spot phishing emails.
  • Use secure methods to send W-2 forms to employees.
  • Implement risk management strategies designed to flag suspicious communications.

Of course identity theft can go beyond tax identity theft, so be sure to have a comprehensive plan in place to protect the data of your business, your employees and your customers. If you’re concerned your business has become a victim, or you have questions about prevention, please contact us.

© 2018

Related Insights

Annual gift tax exclusion amount increases for 2023 | accountant in baltimore county md | Weyrich, Cronin & Sorra

Estate & Wealth Transfer Planning

Annual gift tax exclusion amount increases for 2023

Did you know that one of the most effective estate-tax-saving techniques is also one of the simplest and most convenient? By making maximum use…
Choosing a retirement plan for your small business | quickbooks consultant in baltimore county md | Weyrich, Cronin & Sorra

Management Advisory Services & Business Consulting

Choosing a retirement plan for your small business

Most growing small businesses reach a point where the owner looks around at the leadership team and says, “It’s time. We need to offer employees…
Reinforce your cybersecurity defenses regularly | business consulting services in hunt valley md | Weyrich, Cronin & Sorra

Management Advisory Services & Business Consulting

Reinforce your cybersecurity defenses regularly

If you’ve been in business for any amount of time, you probably don’t need anyone to tell you about the importance of cybersecurity. However,…

Connect with us

Use the form below to send us an email. WCS responds directly to all inquiries and general questions within 24 hours of posting.

This contact form is deactivated because you refused to accept Google reCaptcha service which is necessary to validate any messages sent by the form.