scorecardresearch Skip to main content

IRS is overwhelmed by identity theft fraud

Billions wrongly paid out as scammers find agency an easy target

The Washington headquarters of the IRS, where officials say they have improved their ability to detect identify theft.DREW ANGERER FOR THE GLOBE

First of two articles on problems plaguing the Internal Revenue Service.

WASHINGTON — Rashia Wilson bought a $92,000 Audi, proclaimed herself a millionaire, and announced on her Facebook page that she was “the queen of IRS tax fraud,” as prosecutors told the story.

But even more than her flamboyance, it was the seeming ease of her crime that was most stunning: She and an accomplice were alleged to have hijacked the identities of other taxpayers to get fraudulent refunds. They used stolen Social Security numbers, a computer, and basic knowledge of how to file a tax return, according to the government.


After the Florida mother of three was caught and pleaded guilty last year to crimes totaling at least $3 million, her defense attorney, Mark O’Brien, made his own plea. He said in court that he hoped the “IRS will figure out a way to prevent this from happening in the future, so someone with a sixth-grade education can’t defraud them so easily.”

Across the country, the theft of taxpayer identities has taken off, while receiving far less attention than the loss of credit card information. Even some drug dealers, always with an eye out for easy profits, have turned to taxpayer identity theft after hearing how uncomplicated it was to scam the IRS. A medical assistant at a nursing home stole the identities of hundreds of patients. A prison guard stole the identities of inmates and filed false returns under their names.

All told, in just the first six months of last year, 1.6 million taxpayers were affected by identity theft, compared with 271,000 for all of 2010, according to a recent audit by the Treasury Department’s inspector general. While the IRS said it discovered many of the incidents, the cumulative thefts have resulted in billions of dollars in potentially fraudulent refunds, according to an array of government reports.


“I’ve had a police chief tell me ‘street crime is down because everybody is now filing false IRS returns,’ ” IRS Commissioner John Koskinen,who took office last month, said in an interview.

While Koskinen stressed that the IRS uses a series of “filters” that are increasingly successful in catching identity thefts before refunds are paid, he acknowledged that “this problem has exploded’’ and that the agency is in a constant race to keep its detection techniques a step ahead of the thieves. “It is,’’ he said, “a little like ‘Whac-a-Mole,’ knock them down here and they come up over there.”

Rashia Wilson posted on her Facebook page that she was “the queen of IRS tax fraud.” This photo of her holding stacks of cash was used as evidence in a case in which she pleaded guilty to theft charges.

Kathryn Keneally, US Assistant Attorney General for the tax division, said her office has an increasing number of prosecutions of taxpayer identity theft underway. She listed one heart-wrenching case after another: military personnel who had their identities stolen while deployed, and parents who learned that their recently deceased child’s identity had been pilfered.

“We have seen drug dealers go into this because it is easy access to money. Gangs go into this because it is easy access to money. Or at least they perceive it that way,” Keneally said, while adding: “Please, if you quote me on saying ‘It is easy access to money,’ include: ‘We are changing that equation and we are adding risk to that.’ ” The average prison sentence for taxpayer identity theft last year was more than three years, and the longest was 26 years.


The problem is that even as prosecutions increase and the IRS improves its ability to stop many false tax returns up front, identity thieves also are increasing their efforts.

“What the identity thieves do is play on volume,” Keneally said. “So if they file 10 returns and 9 are stopped, the 10th one went through and they got the money.”

In case after case, court records show criminals have used tax-filing software to obtain refunds that are in the thousands of dollars, often receiving the funds paid via the US Treasury on debit cards or by direct deposit.

Prisoners at jails across the country have obtained stolen Social Security numbers and filed thousands of false returns. Criminals in foreign locales have pilfered the personal information of Americans and received refunds. Thieves have even stolen the Social Security numbers of thousands of children, as well as tens of thousands of dead people, to obtain fraudulent tax refunds.

A US Treasury audit released last September said that “billions of dollars in potentially fraudulent refunds continue to be paid” as a result of identity theft. If the problem is not stopped, the IRS could issue $21 billion in fraudulent refunds in the next five years, according to testimony by the Treasury Department’s inspector general for tax policy, J. Russell George.

The IRS has disputed that estimate, saying it has improved its ability to detect identity theft. But a spokesman said the agency doesn’t have enough information to provide its own estimate of how much has been paid so far in fraudulent refunds.


One indication of the scope of problem is that the IRS has given 1.2 million taxpayers a special code, known as an identity protection PIN number, to be submitted with a tax return. The personal identification number indicates they have previously been the target of identity theft. Just two years ago, only 250,000 people were classified that way.

The theft of taxpayer identities is different from the mass robbery of credit card numbers, as has happened recently at retail chains such as Target. While credit cards can be quickly canceled and consumers held harmless in some cases, the victim of taxpayer identification theft can face months or years of agonizing problems.

Marcy Hossli of Florida testified last year before the Senate Special Committee on Aging that she didn’t realize she had been a victim of identity theft until she received a letter from the IRS in 2012 telling her that someone had used her personal information to receive tax refunds in the two prior years.

Marcy Hossli testified that she didn’t realize she had been an identity theft victim until the IRS told her that someone had used her personal information to receive tax refunds in the previous two years.US SENATE SPECIAL COMMITTEE ON AGING

Hossli, a cancer survivor who owed $4,000 in medical bills, was told it would take several months to process her returns. She was then told that she would be among those who receive a special personal identification number, so the IRS would know she had been the victim of identity theft and that any return filed in her name should be checked rigorously to make she it was filed by her.

On the road to obtaining that special number, Hossli testified, she endured a series of runarounds and said she had spoken to “dozens” of different people at the agency. One IRS agent “told me it was my own fault that I hadn’t received my refund,” Hossli, who could not be reached for comment, testified. “. . . She was quite angry with me and made me feel stupid and small because she said I was just one of many people dealing with the same problem. I was near tears on the phone.”


A raft of government reports backs up Hossli’s testimony.

Understaffing and lack of training at the IRS meant that it took an average of 312 days to resolve identity theft cases, subjecting victims to a series of traumatic delays that often were caused by confusion among IRS agents, a Treasury audit said.

IRS officials said they have recently improved their response time to complaints, cutting the average wait of 312 days to resolve identity theft cases to 120 days.

All of this raises the fundamental question: Why does the IRS persist in the practice that enables such schemes — issuing refunds before being certain the money is going to the legitimate taxpayer?

The answer speaks volumes about the outdated nature of the IRS system of processing returns, and the political pressure to get refunds quickly to taxpayers.

Under the current system, the IRS cannot always be certain that a return is filed by the person whose name and Social Security number is on it, but it often pays the refund anyway.

The simplest way to stop most of the fraudulent refunds would be to prevent any payments from being sent until after the April 15 filing deadline has passed.

That would enable the IRS to recognize that more than one person is using the same Social Security number for a return, and prompt the agency to investigate which one is legitimate. But the IRS follows a congressional mandate to pay refunds as soon as possible after a return is received, often within days. While that has been promoted as efficient service, it also has prompted criminals to file false returns as soon as tax filing season begins, hoping to get a refund before the real taxpayer even thinks about filing.

Another way to cut the identity theft would be for Congress to approve a recommendation from the office of the National Taxpayer Advocate to create a “real time” system in which tax returns would be matched up front with third-party financial information such as statements on wages and interest and dividends.

Currently, the IRS often receives the electronic version of that information weeks or months after it has issued a refund.

“When the IRS gets a return that claims a refund, the IRS does not have the ability to check that the taxpayer is entitled to the refund, that it is a real person,” former IRS commissioner Lawrence Gibbs said in an interview. “They don’t have records to say whether the person claiming the refund is entitled to it. They just send the check. The crooks found out it was nirvana, and as a result you have seen a massive influx of fraud.”

Koskinen, the current commissioner, said that he would like to see returns checked up front with financial information, while acknowledging that such a change might take several years to fully implement. It would also likely require Congress to increase IRS funding at a time when it has been cutting the agency’s budget.

Many of the fraudulent tax returns are filed by using the Social Security numbers of people who are not required to file returns and thus don’t realize their identity was used to obtain illicit refunds. For example, potentially fraudulent returns were filed in 2011 using the Social Security numbers of 1,451 children under 14 years old; 19,102 dead people; 37,249 prisoners; and 753,000 people whose income level did not require a tax return.

The ability of criminals to file returns using the names of dead people has been a known problem for years. It has long been easy to get access to what is known as the “Death Master File,” which includes Social Security numbers of recently deceased people.

A criminal can use the Social Security number of a dead child, for example, to claim that person as a dependent in the year of death. It was not until December that Congress passed legislation to restrict the public’s ability to get such information, and it still remains available while regulations are written to implement the new rule.

Koskinen, the IRS commissioner, seemed stunned when he learned at a congressional hearing on Feb. 5 that the Death Master File was still publicly available, saying it represents a “target of opportunity” for criminals to steal identities.

The theft of taxpayer identities has become a thriving business. In one recent case, a Florida nursing home employee and an accomplice were found to have stolen the Social Security numbers and other information of 617 people, assembled the data in a spreadsheet, and then sought to sell it for $28,500. (The “buyer” was an undercover officer.) A California man was found to have stolen personal information from a state agency and filed false returns. An employee of an Alabama state agency was found to have stolen identity information from a database and sold it an accomplice who filed more than 1,000 false returns.

Some of the identity theft is committed by tax preparers from their offices. Preparers have filed returns using a client’s information and then had all or part of the refunds sent to themselves. One-third of the potentially fraudulent returns were filed by paid preparers, many of whom are not regulated, according to a Treasury report.

A government investigation, for example, found that one unnamed tax preparer submitted 5,506 potentially fraudulent returns, which resulted in refunds totaling $26.8 million.

During a Senate hearing last year, an incredulous Senator Claire McCaskill, a Missouri Democrat, asked why the IRS allowed 2,000 refunds to go a single address, an obvious sign of potential fraud. George, the Treasury inspector general for tax policy, responded that the IRS “needs a statutory fix in order to limit . . . the number of returns that are issued to the same bank account, debit account, what have you.”

“No, you’ve got to be kidding,” McCaskill responded.

A number of identity theft cases have been committed by tax preparers who have been accused in broader cases of fraud. For example, Rosa Ivette Colon,who ran a company called X-Press Taxes in Somerville, Mass., prepared hundreds of false returns, including two instances in which “she filed tax returns in individuals’ names without their knowledge,” according to the Justice Department. She was sentenced last year to 61 months in prison and was ordered to pay $400,000 in restitution. Her public defender declined comment.

The case of Rashia Wilson has helped publicize the issue of taxpayer identity theft, in part because of the colorful way the Tampa woman was said by authorities to have boasted about her activities.

She posted on her Facebook page that she was the “queen of IRS tax fraud,” along with a picture that showed her hoisting bound wads of bills, according to court records. She dared the government to catch her, writing on Facebook, “I’m a millionaire for the record, so if U think indicting me will B easy it won’t, I promise you!”, according to prosecutors.

The money piled up as Wilson submitted one false return after another, the indictmentaid. Using the identity of a taxpayer with the initials S.M.W., Wilson on April 15, 2009, obtained a $7,524 refund, the indictment said. Many similar refunds were obtained in the following three years.

Using those refunds, Wilson stayed at hotels, withdrew money from ATMs, and bought furniture, according to prosecutors. Then in May 2012, Wilson bought a 2013 Audi A8L, handing over a cashier’s check for $92,682.67, the proceeds of fraudulent federal tax returns and refunds, according to the indictment.

Wilson’s attorney, Mark O’Brien, said they have served as a wake-up call to the government. “This was a lot worse than most people could possibly comprehend,” O’Brien said in an interview. “The amount of money that has been stolen from the IRS is mind-boggling. I don’t even think they realize how much has been stolen, but they are certainly starting to understand, as you can see from recent investigations and prosecutions.”

Michael Kranish can be reached at Follow him on Twitter @GlobeKranish