Man, what a clusterphuque! On Friday, someone in West Virginia attempted to make a substantial charge on my debit card but they not did have the correct expiration date or security code. Chase notified me and blocked the charge. Saturday, I got notified that someone attempted to file a tax return in my name with a new account through Turbo Tax. I verified that it wasn’t me and the blocked the attempt. But now it has to be reported to the IRS, The Federal Securities Commission, all of my financial account and credit holders, all of the credit bureaus and the State police. The end result is everything will be locked down. Fraud alerts are now on all of my accounts. As far as my tax refund? I can expect a minimum delay of 6 months and if the person who did this tries and gets through with another e filing service, it could delay things over a year. Oh and I have to paper file now too. No e-filing. It also will effect any potential stimulus payments as well. Sadly this is just the beginning of this. This is going to effect me financially for years. I hope the bastard who did this gets hit by a bus because that is kind of how I am feeling right now.
What a raging pita! I can’t even imagine. Good luck…tracking the guy down with a bus.
Real ways to protect against ID theft:
-
Sign up for the IRS website, and set a PIN. Before 2020 they wouldn’t allow you to set a PIN without being a prior ID theft victim, but that is now permitted thankfully.
Sign Up at irs.gov Before Crooks Do It For You — Krebs on Security
Why & Where You Should Plant Your Flag — Krebs on Security -
Freeze your credit at all agencies
Credit Freezes are Free: Let the Ice Age Begin — Krebs on Security
Shit man I am so sorry to hear all that. Might I ask if you had your credit reports frozen before this?
They didn’t apply for credit in his name so that doesn’t really apply. But yes, everybody should freeze their credit.
I went through this nearly a year ago, there was a huge unemployment scam and breach in Washington state, I had to jump through a bunch of hoops to get it sorted. They didn’t seem to successfully steal my identity but did try to file unemployment on me, which naturally set off alarms at my company’s HR department and got the ball rolling. I ended up doing the steps stusser listed above, I second taking those actions if you’re able.
I did not, although I did have identity protection. They are now frozen, of course. And I verified that none of my actual credit or financial institutions has been hit, outside of the one attempt last Friday that did go through. As long as the people or person who did this did not get a filing through via another e-filing company, I should be good. Now I am just wading massive bureaucratic swamp. Hopefully the only financial issues I have going forward are the delays on my refunds and stimulus. That is inconvenient but I can deal with it. It is frustrating though that the person who did this will probably never be caught or even inconvenienced by this but I will certainly be very inconvenienced. All I can really hope for is that some random karmic event bites them in the ass.
The debit card thing was just a stolen card number, not identity theft at all. Scary that it was a debit card though as you have less protection.
The tax refund scam is very common and setting a PIN should stop it in its tracks. Everybody should do this.
That link you provided goes to a lengthy article I didn’t bother to read as I just wanted to set up my PIN, I don’t need convincing. The link he provides goes here:
And he labeled that link “create an account” but on that page I cannot find anything like “create an account” or set up a PIN. Where do I go to set this up?
Yeah that card has been locked and I will be getting a new one issued. All of my credit cards have been put on fraud alert just to be safe. I do have a PIN with the IRS so that is probably protected now as well. Fortunately there was no real financial damage done, the attempts were stopped by the protections in place.
One note, I had to wait for the IRS to send me a paper letter in the postal mail with a code to sign up in the first place. They’re taking security somewhat seriously for this.
That’s perfect, thanks!
They now have an option to get your PIN online.
Yes, I needed to wait on the postal mail to sign up for the website in the first place.
Appreciate you posting about this, since I was completely unaware. Couldn’t recognize my phone for whatever reason, so I am also having to wait.
Yep exact same deal. Not a problem just do it when the mail comes.
For extra fun, there are a few vendors (DAMN YOU COX!!!) who will charge you a fee if you have a credit card attached to automatic billing and it gets declined because of a fraud hold.
Sorry to hear about this, rshetts!
I went through it many years ago when someone bought a house in Georgia using my name and personal info. “Victim punishing” is exactly what it felt like, from not being believed when I claimed I didn’t buy that house all the way through the mountain of police reports, fraud alerts, etc. My online-banking-tech-phobic Dad all but asked me what I was wearing to allow such a thing to happen. Clusterphuque indeed!
Just an update. Everything got locked down before any direct financial damage was done. The two attempts made were both blocked before they went through and none of my accounts show any further attempts. Sadly, the indirect damage is just beginning. I do not believe in hell but if it does exist I hope there is a special place set aside for identity thieves because the chances of most of them ever paying for the pain and distress their actions cause, here on Earth, is close to zero. Thank you, everyone for your kind words and support. It helps temper the frustration a bit.
So this Accellion breach is a real bitch to deal with. Data was dumped on the darkweb in the last couple of days, a lot, and I do mean a lot of it… like this thing is huge.
And I spent part of the morning freezing and checking thing. I am… not pleased. All my careful data approaches, password and credit not debit use does nothing if these types of places can’t keep their shit together. (hint, they didn’t.)