ThreatMetrix US Patents Press Releases

Filing Fraudulent Tax Returns Nets Nearly $4 Billion Payday for Cybercriminals and Millions of Compromised Taxpayer Identities

Posted March 10, 2014

ThreatMetrix Shares Comprehensive Security Strategies to Avoid Cybercrime and Identity Theft during Tax Season

San Jose, Calif. – March 10, 2014 – ThreatMetrix™, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the risks consumers face during tax season and strategies to protect taxpayer identities, especially when filing online returns. Of all potentially fraudulent tax returns, 93 percent are filed online, asserting the heightened need for preventative cybersecurity measures to protect tax e-filing.

More than 125 million tax returns were filed online in 2013, almost double the amount filed in 2012. As more consumers adopt e-filing due to its ease and convenience, cybercriminals continuously develop new ways to compromise returns for profit. Now more than ever, effective security measures are a necessity during tax season.

“The technology surrounding tax returns has advanced to provide a quicker and easier filing process for taxpayers, but such technology can offer additional opportunities for cybercriminals to steal identities,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “However, the risks associated with tax e-filing can be mitigated through comprehensive cybersecurity strategies. Specifically, businesses and government agencies must implement anonymized sharing of trusted identity intelligence without compromising personal identities and privacy.”

Cybercriminals have derived several strategies to manipulate tax returns for personal gain, including:

• Fraudulent Returns – Cybercriminals often file a return for a child, an adult whose income doesn’t merit a return or even a deceased person. A 2013 report by the Treasury Inspector General found the Internal Revenue Service (IRS) gave away nearly $4 billion in fraudulent tax refunds the previous year. Many consumers also begin to file their tax returns only to find out that someone else illegally filed a return in their name. Fraudsters often receive returns on to pre-paid cards which are then turned into cash. The taxpayer is then left to deal with the inconvenience and hassle of reporting the crime to the IRS, filing a proper return and protecting their data and identity from fraudulent use.

• Identity Theft – After a legitimate user files his or her tax return online, cybercriminals can compromise the system and steal personally identifiable information typically included in a return, such as names, banking accounts and social security numbers. In the first half of 2013 alone, 1.6 million taxpayers were affected by identity theft.

Another form of identity theft results from fraudsters turning to social networks to identify potential targets and collecting the information on taxpayers necessary to accurately complete a return. Cybercriminals gather personal details such as a user’s number of children, marital status and employer to piece together a person’s identity, which can help them claim the correct number of dependents and estimate an annual salary in order to file a fraudulent return.

The launch of a new IRS mobile app this year poses additional risks for tax return fraud. The app provides information on a user’s refund status and tax records, as well as a portal that allows taxpayers to download their returns since 2009. Despite the convenience factor for consumers, these tools make it easier for cybercriminals to illegally obtain more personally identifiable information than was previously available.

“It’s essential for consumers to use caution when filing returns online and avoid publicly sharing personally identifiable information, but it’s up to governmental agencies and private industries to collaborate on sharing data that can be used to prevent cybercrime,” said Faulkner. “Private industries have begun to adopt more sophisticated screening procedures, and government agencies such as the IRS need to follow suit with a layered approach including advanced fraud prevention and context-based security to effectively prevent cybercrime associated with online tax returns.”

In February 2013, President Obama deemed the cybersecurity threat to critical infrastructure so severe that he signed an Executive Order on Improving Critical Infrastructure Cybersecurity, which mandated an update of the current cybersecurity framework. In February 2014, The National Institute of Standards and Technology updated the framework with voluntary guidelines for government and the private sector to address and manage cybersecurity risks, such as the increasing risks of tax e-filing. A key takeaway of the framework is the need for a collective and orchestrated response to threats facing our nation’s infrastructure and mission-critical applications.

To make the process of electronically filing tax returns safer for taxpayers, ThreatMetrix urges the government and private industries to share relevant anonymized intelligence in real time via a shared network without compromising taxpayer privacy. This combined knowledge can dramatically reduce the amount of revenue lost to fraudulent returns and identities compromised through tax e-filing.

ThreatMetrix uses the largest trusted identity network of shared intelligence, the ThreatMetrix™ Global Trust Intelligence Network (The Network), to differentiate between authentic and suspicious transactions and online activity. Its real-time analytics evaluate logins, payments, new account registrations and remote access attempts for validity. The Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites, can be leveraged by both businesses and government agencies to protect consumers from cybercrime during tax season.

For more information and an infographic about the above information, visit

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix™ Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blog, FacebookLinkedIn and Twitter pages.

© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contact
Jaci Robbins
Tel: 408-200-5718

close btn