Most of us know what personal identity theft is either from personal experience or knowledge of somebody who has been compromised. What many don’t know is that business identity theft is a fast growing industry for thieves and scammers alike. What makes business identity theft so attractive is the money that can be made compared to personal identity theft.
A business whose identity is breached stands to have many tangible and intangible assets compromised as a result of a computer network breach. Consider the information that is at stake here. Thieves are targeting corporate information. However, customer information, vendor information and sensitive employee information are the icing on the cake. Consider what scammers do with stolen company information. They know businesses typically carry larger cash balances than individuals, which make it very attractive to them. The odds of making off with a stolen personal credit card are comparatively low, however, a thief’s chances are better at opening a business line of credit and purchasing goods.
Business tax identity theft occurs when somebody creates, uses or attempts to use the identifying information of a business, without authority, to obtain tax benefits. Scammers and thieves have now graduated into filing false business income tax, trust and estate income tax for refundable credits and/or fraudulent tax refunds. To illustrate, in the first five months of 2017, the Internal Revenue Service flagged some 10,000 business returns for suspected tax-related identity theft – a 250% increase from the 4,000 cases in all of 2016 and a 2,757% increase from the 350 suspected cases in 2105. The IRS estimates potential losses from business-related identity theft against corporations, partnerships, limited liability companies and other business entities at $137 million so far for 2017, compared with $268 million in 2016 and $122 million in 2015.
Companies should be alerted to the following occurrences, which may indicate tax identity theft:
• Receiving IRS notices about fictitious employees;
• Receiving IRS notices about defunct, closed or dormant businesses after all accounts have been paid;
• A business return you filed is accepted as an amended return when no return for that year has been filed.
• Receiving an unexpected tax transcript or IRS notice that does not correspond with anything the business submitted;
• Failure to receive expected routine correspondence from the IRS, which could indicate that the thief has changed the contact address for the business.
The IRS will be implementing new protocols in 2018 to combat tax identity theft. They will be verifying:
1) Name & Social Security Number of the person signing the return to ensure that the person signing the corporate return is a legitimate employee or trustee of the corporation;
2) Previous payment history to ensure that this request lines up consistently with previous tax returns and wasn’t pulled out of thin air by a scammer;
3) Filing history to ensure that a corporation has filed all relevant tax forms and not solely the return – a good sign that the person signing the return is an actual corporation rather than a single person.
Here are a few important steps a business can take to be more proactive and lower the chances of being affected by business identity theft:
1) Sign up for alerts from your financial institutions. Bank accounts and credit card accounts can be tailored to alert the owner if a transaction over a certain amount is processed.
2) Educate your employees about phishing and other computer malware. Train employees to distinguish between valid emails and emails that can compromise a business’s computer network.
3) Limit the disclosure of sensitive information. The more sensitive information is distributed, the greater the likelihood of a breach. Limit the disclosure of company information and only do so in a secure environment.
4) Sign up for alerts with your Secretary of State. These alerts are helpful if an unauthorized change is made to your registration information.
5) Check your credit report regularly. Whether through Dunn & Bradstreet or any of the credit bureaus, you should be checking your business credit report to ensure nothing suspicious is going on.
Business tax-related identity theft is on the rise. With the limited budget the IRS is given, it is up to the business owner to be vigilant in guarding all of its proprietary information. Contact your computer professional and/or tax professional for a check up!
For more information contact Ron Friedman, CPA
914.830.4369
