Each year during tax season, identity thieves take advantage of the flood of tax returns being filed to steal sensitive information and commit fraud. 

From filing fraudulent returns in someone else’s name to stealing sensitive information through phishing scams, the threat of identity theft is real and can have serious consequences, according to cybersecurity expert Mike Chapple, teaching professor of information technology, analytics and operations at the University of Notre Dame’s Mendoza College of Business.

“It’s important to be vigilant and take extra precautions to protect your personal information,” said Chapple, a former computer scientist with the National Security Agency. “The good news is that there are simple steps that you can take to protect yourself from identity thieves.” 

Chapple offers the following seven tips to take control of personal information and reduce the risk of identity theft:

Pay attention to notices that you receive from the IRS. If you receive a notice from the IRS that you are not expecting, take it seriously and investigate. This could be an indication that someone has used your identity to file a fraudulent return in your name. 

Ignore suspicious email messages, texts or phone calls. If the IRS needs to get in touch with you, it is going to send you an official letter. It does not initiate contact with taxpayers through email, text messages or over social media. Scammers, on the other hand, love to pretend that they’re from the IRS in attempts to steal your personal information. If you have any questions about the legitimacy of a message that you receive, don’t follow any of the instructions in the message. Instead, call the IRS taxpayer assistance center directly at 800-829-1040.

Watch for e-file errors. If you attempt to e-file your taxes and receive an error, make sure that you read that message carefully. If the system tells you that someone has already filed a tax return under your Social Security number or that one of your dependents has been claimed on a different tax return, those are red flags that someone may have stolen your identity.

Use multi-factor authentication on all financial websites. Multi-factor authentication adds an extra layer of security to your accounts, making it more difficult for someone who steals your password to access your data and your money. Yes, it’s a hassle to get this set up and use it each time you log in, but that’s the point — it’s a hassle for potential hackers as well.

Get an Identity Protection PIN from the IRS. The IRS allows you to set a six-digit PIN that further protects your taxpayer account. With this PIN in place, nobody will be able to file taxes under your Social Security number without providing the PIN. If you set a PIN last year, you need to do it again in 2023. The PIN lasts for one year and must be reset annually.

Monitor your credit report. Regularly monitoring your credit report can help you detect any unauthorized changes or potential fraud early on. This can help you take prompt action to prevent further damage to your credit and minimize the impact of identity theft.

If your identity is stolen, act quickly. Fill out IRS Form 14039, Identity Theft Affidavit, to report the theft to the IRS. Make sure to keep a copy of the form for your records and follow up with the credit bureaus to place a fraud alert on your credit report. The faster you act, the more likely it is that you’ll be able to lock down your identity and recover any money that was stolen from you.

“Taking control of your identity is like building a fortress around your personal information,” Chapple said. “Every step you take, from adding multi factor authentication to keeping a watchful eye on your credit report, strengthens your defenses and makes it harder for identity thieves to succeed.”

Contact: Mike Chapple, mchapple@nd.edu