My Financial Identity Crisis

Michael QuanEducation, How to, Misc, Taxes36 Comments

Some links below may be from sponsors. Please see our disclosure for more info.

I Got Stung!

I was a bit apprehensive to share this, but as I mentioned to my insiders last week, I recently became the victim of identity theft.  I finally realize this story is too important NOT to share.

Has Someone Stolen From You?

comic-thiefIf you’ve lived long enough, you’ve probably been the victim of theft at some point in your life, right?

Whether it’s getting pickpocketed while traveling, your house broken into, or having your wallet/purse stolen, it’s NOT a great feeling.

As a victim, you may feel a sense of loss, a sense of unease that you’ve been violated in some way and an entire range of emotions from shock to anger.

Oh yeah, let’s not forget FRUSTRATION!  (Something I’m experiencing currently… stay tuned)

Theft is Evolving

In the digital age, theft is evolving.  Chances are you’ve probably had a credit card number stolen from your before, and if you haven’t, you probably will someday.  The security controls simply aren’t in place yet… at least in America.

My former IT company actually helped vendors become PCI Compliant (best practices to protect consumer credit card data).  The problem isn’t with these vendors, it’s the millions of other vendors that haven’t followed suit.  Even then, PCI Compliant companies are still getting breached by determined hackers (eg. Healthcare Providers, etc.).

cyber-crime-1012751_1280

Sadly, there is only so much you can do to prevent your personal data from being leaked (unless you hide underneath a rock).  But for the majority of people like you and me, we like to live in an active and dynamic society.  Identity theft then is, unfortunately, a way of life and these cyber crimes are rampant.

The Call

I was pretty happy a couple of weeks ago.  My CPA told me we were just about done with our taxes and should expect a sizable refund for 2015 soon.  All I had to do was to submit the final K1s from our RealtyShares investments and we’d be golden.  I got the K1s several days before the deadline and all that needed to happen was to submit the returns electronically.

Hey, I filed your taxes last night, but it came back as rejected. I tried it again, and it’s coming up with the same error,” he explained. “What error? I thought e-filing was a pretty simple process?” I replied. “Well, it’s telling me that someone has already filed a tax return under your social security number,” my CPA claimed.

card-158195_640

You’ve got to be kidding me!” I thought. “Did someone actually have the audacity to use my SSN!! WTF!

Want to know something crazy?  Between the years of 2011 and 2014, the IRS halted $63B worth of fraudulent tax refunds.  That’s insane!!

What Do We Do Now?

After the initial shock and annoyance settled in, I started to think more resourcefully. I worked with my CPA to figure out the procedure to follow once someone uses your SSN to file a false return in your name.

Basically, because we couldn’t e-file our taxes, we had to print out the return and mail it in the old fashion way (brings back memories!).  Along with the return, I had to submit an ID verification affidavit (IRS Form 14039) to show proof of my identity.

14039

To be on the safe side, we also filled out the form for my wife too since she’s on the return jointly.  You have the option of submitting a copy of your social security card, driver’s license, or passport.  We selected two methods and attached them on top of the return.

Great, Now You Tell Me

Ironically, after mailing out the return that Saturday morning, I actually received a letter from the IRS (LTR 5071C) later that afternoon.  It essentially was letting me know that a return had already been filed under my social security number (SSN) and to confirm its accuracy.

IRS Identity Verification Letter

So, the IRS caught wind of this scam and didn’t process anything yet. That’s the good news.

The bad news is that I’m losing hours and hours of time I hadn’t planned for.  I also wasn’t able to use their verify website.  So, my only choice was to call their ID hotline.  Although it mentioned high call volume, I was able to get through to an agent within 7 minutes… better than I was expecting.  Anyhow, the IRS agent I spoke with asked me for my social security number, name, date of birth, address, and details from last years taxes.  Finally, I had to answer a series of credit agency generated questions.

The entire process lasted about 15 minutes from the time I started in on the questions.  To ensure that they knew which return was actually mine, I had to verify some data on the new return.  The agent told me it can take up to 190 days to process before settling my 2015 return.

4 months

Arghh… that’s over 4 months!  I wouldn’t be that perturbed, except that we have a rather large refund due this year.

Apparently I should expect some confirmation of documents back from the IRS once they verify my ID further and it will have additional instructions on how to secure my identity.

Time to Move On

Well, such is life, right?  In the end, this is a valuable lesson not only for me but for everyone reading this.  You see, I have been incredibly protective of my financial identity – specifically my SSN (and always have been).  The problem is that other organizations that have my information are getting breached left and right.  And well, there’s not much I could have done to prevent it.  However, there are things I can do now and continue to do to minimize the impact of this invasion of privacy.

The Best Offense is a Good Defense!

defence-155481_640

So here’s what I’m doing to keep these would-be thieves at bay…

  • Step 1: Notify IRS by Filing Form 14039
  • Step 2: Place a Fraud Alert with A Major Credit Scoring Bureau
    • (i.e. Transunion, Experian, Equifax)
  • Step 3: Continue Using 2-Factor Authentication & Complex Passwords
  • Step 4: Continue to Encrypt Documents with My Social Security Number
  • Step 5: Shred Old Documents That Contain Personally Identifiable Information
  • Step 6: Consider Investing in Identity Theft Protection Service*
    • * (as recommended by my readers)

Although my financial identity was compromised and used without my permission, it appears that these would-be thieves were stopped cold in their tracks (for now).  This is thanks in part to the IRS’s increased security protocols, and also my own proactive actions above and also consistently monitoring my credit score and other financial benchmarks.

Check out my previous post on cyber pickpockets.

What’s Next?

Thankfully it appears that all of my accounts are intact and my financial records look accurate.  This, of course, is an added benefit of tracking your finances through sites such as Credit Karma (free credit scores & monitoring) and Personal Capital (free cash flow & net worth monitoring).

However, should I find certain accounts out-of-place after the initial fraud hold is lifted, I can submit and extended hold for up to 7 years by filing a police report, and by taking several other measures.  For the most up to date information from the FTC, check out www.identitytheft.gov.

Who Has Your Information?

Life is too short to always be looking over your back, but it may be prudent to install a rear view mirror.  Remember, part of being financially alert is becoming proactive with your own finances so that they serve you and not someone else.

Want to know something scary?  Someone likely has your information too.  Whether or not it gets used is anyone’s guess.  But, I’d rather you not wait and find out the hard way.  Stay safe friends!

Readers, what do you do to protect your identity and financial data from cyber thieves?  Have you ever been a victim?

Follow me

36 Comments on “My Financial Identity Crisis”

  1. Man, my company that I worked for prior got data hacked and someone has my W-2 information from 2015.. (along with it.. My social). I already had filed my taxes already so that wasn’t a problem for 2016 but I’m now scared that I’m going to face the consequences when I file my taxes next year.. The company gave me free identity monitoring program but it’s only for 2 years and it’s only monitoring, not preventative.. Sigh data security is becoming much more crucial!

    1. I feel for ya, FS! If you’re really worried, you can always place a lock onto your credit score an individual bureau like TransUnion. They should pass this down to the other 2 large bureaus.

      We live in crazy cyber times!

  2. Just last week I had fraudulent charges on my credit card! It’s chip enabled too, but with so many merchants on the slow train to upgrade and activate their pin readers, I often have to swipe my card, which makes me nervous. The worst is at gas station pumps and random ATMs. I always check to see that there’s no card skimmer installed waiting to steal my information. Anyways, glad to hear your accounts and identity is all intact.

    1. Sorry to hear, OB. Credit card fraud is yet another form of ID theft that will unfortunately affect us more than one over the course of our lives. We really need PINs for all credit card transactions. What a bizarre system we have in the U.S.

  3. This is so frustrating. I had a credit card number stolen last year, and this year I still can’t complete my taxes because one of my W2 employers had not recorded that I moved in Q1 and had been taxing me at the wrong jurisdiction rate. I am still waiting. Freedom looks really good when other people are messing with your money.

    1. Ahhh… sounds like a huge hassle with the W2! Good luck getting that figured out sooner than later. I just finished up my theft report, but still waiting on the PD to send me a copy of the report. Next step… 7 year extended fraud alert on all my credit accounts.

  4. Sounds like a horrible experience. I hope it gets sorted out fast so you can get your refund!

  5. Damn that sucks to hear Mike! Hopefully it’ll all be sorted quite quickly although really appreciate you sharing this with the community!

    Thankfully I’ve been quite fortunate to date although it is something I should start to consider more seriously eh?

    all the best with it!

  6. Wow. Thanks for sharing Michael. I know way too many companies have access to my SSN over the years that I’m sure that I’ll be eventually hit as well. I’m as diligent as I can setting up myself with identity theft alerts and monitoring my credit regularly.

    I’ll be bookmarking this post in case something ever happens. I hope I never have to read your post again 🙂

  7. Thanks for posting this Michael. I am woefully under-educated when it comes to online security. I am currently saving for a shredder and have a construction sized black bag of documents waiting to be shredded! I also signed up to check my credit through Credit Sesame. In addition I check my accounts every day to make sure nothing looks too funny. I definitely have caught some credit card fraud this way, but it always sends me into a mini panic.

    1. JL, it sounds like you have decent system in place already.

      Did you know you can get your documents shredded at organizations like Goodwill? I used to shred my own documents, but the sheer mountain of paper got rather overwhelming. So, now I just take it somewhere that will certify it’s destruction (you can even watch if you request).

      Ultimately these things will happen regardless of how many safe guards we put into place, but the good news is you’ll be able to thwart any major damage that could occur if you weren’t aware of your financials.

      1. Really? There is no Goodwill here but there is one only an hour away. Maybe I should check it out.

  8. What happened to you is what we’ve been fearing for a few years now! Though thank goodness the IRS caught it before they processed the fraudulent return! Thankfully, we usually end up owing federal taxes, so at least we’re less worried about a fraudster stealing our refund — haha. (Kidding… sort of.) I’m sure it’s super frustrating to have to take all these extra steps to file your return and get your refund, but it sounds like you had the smarts to figure out how to manage it all. Thanks for the great reminder to stay vigilant!

    1. It’s definitely been an interesting experience, ONL! And, of course, this happens one of the few times we’ve ever had a refund. Fingers crossed it doesn’t happen again… which I hear is somewhat common (doh!).

      Stay safe!

  9. What a nasty experience… I hope you can stop the fraud completely.
    I always find it amazing how light security is the US on credit cards, online banking, tax declaration. I am happy that in Belgium and Europe there is a chip and PIN for payment cards, we have strong tokens and 2 devices to logon banking and tax declaration requires a lot more than just a national number.

  10. Ugh… sounds awful. Michael — what about Identity Theft Protection? I noticed this was not mentioned above. I know that Dave Ramsey recommends it constantly and it seems relatively cheap ($6/ month individual; $13/month family). Thoughts? Thanks for the post.

    1. Great question, Jeff! Yes, I suppose Identity Theft Protection could be a worthwhile investment. You’re the second person to mention that today. I haven’t researched any of the companies that do this service, but I know there are many (including some of the larger credit bureaus). For now, I’ll update my post and make it Step #6. 🙂

  11. Ready your email about it the other day. Hate that this happened to you! I can only imagine the shock and frustration. Especially since they are now holding your money an extra 4 months! I wish you the best in getting it all worked out. This could seriously happen to anyone these days.

    1. Thanks, Hannah. Yeah it’s been a bit frustrating, but it could have been worse for sure. The good thing is since it happened to me, I get to share with others and hopefully thwart some future ID thefts. I’ll definitely update you all as the process continues to unfold.

  12. Ya that’s pretty scary. They really don’t need a whole lot of information to submit a fake return. Glad to hear the IRS can notice a fake though – it probably looked nothing like your previous years. Not to mention for W2 or 1099 workers, the IRS is sent a copy of what you were paid. If it doesn’t match up, should be pretty obvious. Yet it still takes forever to process…

    1. Yup, you’re right, Brian. All they need is your SSN and your name to file a fake return.

      It’s pretty crazy the IRS will even send refunds to reloadable cash cards (the kinds you can get at the gas station) which makes it so easy for the crooks to vanish into thin air! Let’s hope this process gets updated sooner than later.

  13. Hoofa – that sounds like a real pain in the %^&!!! Sorry to hear that.

    I’ve never been a victim, but this crime keeps growing and I’m sure it’s inevitable at some point. I do use a service that alerts you when any it notices any changes that might be fraudulent. These type of services seem to be offered as freebies every time a company with your info gets hacked so I make sure to take advantage each time.

    I don’t trust it 100%, but at least it’s another layer. I also make sure to turn on two-step authentication on every site that offers it to help stop people from hacking into my accounts.

    — Jim

      1. Hi Hannah – right now I’m using AllClear ID. As far as a difference in awareness, I guess it depends. I’m in Quicken every single day looking at every new transaction that takes place so I would notice real quick if someone was doing anything funky with credit cards or bank accounts.

        However, when I was doing a mortgage refi for example where my credit history was being checked, I was getting phone calls immediately making sure I was aware that this was legit. So it does give a little peace of mind.

        — Jim

    1. YES, Jim! Great recommendation. 2-Factor Authentication should be used any time we can. A single password just won’t cut it these days.

      I am glad that we’re finally seeing the credit card chips come into place, but it would really make a lot of sense to add a required PIN to the process too. Europe has been doing this for years.

      Thanks for sharing the service that alerts on potential fraudulent activity. That sounds like a helpful option to protecting your ID.

  14. Wow – What a pain to have to go through! At least the IRS caught it and never processed it. Also 7 minutes to get through to the IRS? That has to be a record! When I have to call for work, it is at least 45-60 minutes, if I don’t just get disconnected at that point 🙂

    Glad to hear you got it taken care of. Unfortunately, all we can do is be as careful with our information as possible but there is always going to be this threat as we move more and more towards digital records. Looks like you have a good plan in place!

    1. Thanks for the comment, Thias. Yes, occasionally the IRS surprises me in a good way. 🙂 Had the refund passed through to the crooks, I hear it would take even longer to get it back. I guess it can always be worse!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.