IRS Special Edition Tax Tip 2015-15, June 30, 2015
If you get a tax bill from the IRS, don’t ignore it. The longer you wait the more interest and penalties you will have to pay. Here are six tips to help you pay your tax debt and avoid extra charges:
- Reply promptly. After tax season, the IRS typically sends out millions of notices. Read it carefully and follow the instructions. If you owe, the notice will tell you how much and give you a due date. You should respond to the notice promptly and pay the bill to avoid additional interest and penalties.
- Pay online. Using an IRS electronic payment method to pay your tax is quick, accurate and safe. You also get a record of your payment. Options for electronic payments include:
Direct Pay and EFTPS are free services. If you pay by credit or debit card, the payment processing company will charge a fee.
- Apply online to make payments. If you are not able to pay your tax in full, you may apply for an installment agreement. Most people and some small businesses can apply using the Online Payment Agreement Application on IRS.gov. If you are not able to apply online, or you prefer to do so in writing, use Form 9465, Installment Agreement Request to apply. The best way to get the form is on IRS.gov/forms. You can download and print it at any time.
- Check out a direct debit plan. A direct debit installment agreement is the lower-cost hassle-free way to pay. The set-up fee is less than half of the fee for other plans. The direct debit fee is $52 instead of the regular fee of $120. With a direct debit plan, you pay automatically from your bank account on a day you set each month. There is no need for you to write a check and make a trip to the post office. There are no reminder notices from the IRS and no missed payments. For more see the Payment Plans, Installment Agreements page on IRS.gov.
- Pay by check or money order. Make your check or money order payable to the U.S. Treasury. Be sure to include:
- Your name, address and daytime phone number
- Your Social Security number or employer ID number for business taxes
- The tax period and related tax form, such as “2014 Form 1040”
Mail it to the address listed on your notice. Do not send cash in the mail.
- Consider an Offer in Compromise. With an Offer in Compromise, or OIC, you may be able to settle your tax debt with the IRS for less than the full amount you owe. An OIC may be an option if you are not able to pay your tax in full. It may also apply if full payment will create a financial hardship. Not everyone qualifies, so you should explore all other ways to pay before submitting an OIC. To see if you may qualify and what a reasonable offer might be, use the IRS Offer in Compromise Pre-Qualifier tool.
Find out more about the IRS collection process on IRS.gov.
IRS YouTube Videos:
- Online Payment Agreement – English | Spanish | ASL
- IRS Tax Payment Options – English | Spanish | ASL
IRS, Industry, States Take New Steps Together to Fight Identity Theft, Protect Taxpayers
IR-2015-87, June 11, 2015
WASHINGTON — The Internal Revenue Service joined today with representatives of tax preparation and software firms, payroll and tax financial product processors and state tax administrators to announce a sweeping new collaborative effort to combat identity theft refund fraud and protect the nation’s taxpayers.
The agreement — reached after the project was originally announced March 19 — includes identifying new steps to validate taxpayer and tax return information at the time of filing. The effort will increase information sharing between industry and governments. There will be standardized sharing of suspected identity fraud information and analytics from the tax industry to identify fraud schemes and locate indicators of fraud patterns. And there will be continued collaborative efforts going forward.
“This agreement represents a new era of cooperation and collaboration among the IRS, states and the electronic tax industry that will help combat identity theft and protect taxpayers against tax refund fraud,” IRS Commissioner John Koskinen said. “We’ve made tremendous progress, and we will continue these efforts. Taxpayers filing their tax returns next filing season should have a safer and more secure experience.”
Koskinen convened a Security Summit on March 19 with the chief executive officers and leaders of private sector firm and federal and state tax administrators to discuss emerging threats on identity theft and expand existing collaborative efforts to stop fraud.
Three specialized working groups were established as part of the Summit, with members from the IRS, states and industry co-chairing and serving on each team. During the past 12 weeks, the teams focused on developing ways to validate the authenticity of taxpayers and information included on tax return submissions, information sharing to improve detection and expand prevention of refund fraud, and threat assessment and strategy development to prevent risks and threats.
The groups agreed to several important new initiatives in this unprecedented effort, including:
Taxpayer authentication. The industry and government groups identified numerous new data elements that can be shared at the time of filing to help authenticate a taxpayer and detect identity theft refund fraud. The data will be submitted to the IRS and states with the tax return transmission for the 2016 filing season. Some of these issues include, but are not limited to:
- Reviewing the transmission of the tax return, including the improper and or repetitive use of Internet Protocol numbers, the Internet ‘address’ from which the return is originating.
- Reviewing computer device identification data tied to the return’s origin.
- Reviewing the time it takes to complete a tax return, so computer mechanized fraud can be detected.
- Capturing metadata in the computer transaction that will allow review for identity theft related fraud.
Fraud identification. The groups agreed to expand sharing of fraud leads. For the first time, the entire tax industry and other parts of the tax industry will share aggregated analytical information about their filings with the IRS to help identify fraud. This post-return filing process has produced valuable fraud information because trends are easier to identify with aggregated data. Currently, the IRS obtains this analytical information from some groups. The expanded effort will ensure a level playing field so everyone approaches fraud from the same perspective, making it more difficult for the perpetration of fraud schemes.
Information assessment. In addition to continuing cooperative efforts, the groups will look at establishing a formalized Refund Fraud Information Sharing and Assessment Center (ISAC) to more aggressively and efficiently share information between the public and private sector to help stop the proliferation of fraud schemes and reduce the risk to taxpayers. This would help in many ways, including providing better data to law enforcement to improve the investigations and prosecution of identity thieves.
Cybersecurity framework. Participants with the tax industry agreed to align with the IRS and states under the National Institute of Standards and Technology (NIST) cybersecurity framework to promote the protection of information technology (IT) infrastructure. The IRS and states currently operate under this standard, as do many in the tax industry.
Taxpayer awareness and communication. The IRS, industry and states agreed that more can be done to inform taxpayers and raise awareness about the protection of sensitive personal, tax and financial data to help prevent refund fraud and identity theft. These efforts have already started, and will increase through the year and expand in conjunction with the 2016 filing season.
“Industry, states and the IRS all have a role to play in this effort,” Koskinen said. “We share a common enemy in those stealing personal information and perpetrating refund fraud and we share a common goal of protecting taxpayers. We want to build these changes into the DNA of the entire tax system to make it safer.”
Many major system and process changes will be made this summer and fall by the participants in order to be ready for the 2016 filing season. The public-private partnership also will continue this cooperative, collaborative approach to address not just short-term issues but longer-term issues facing the tax community and taxpayers.
The partnership parties recognize the need to continuously improve our tax system defenses for combating this threat to taxpayers and our tax system, Koskinen added. Those defenses include a continually improving multi-level identity proofing and authentication capability that anticipates and stops threats.
“I applaud the industry and the states for stepping forward to take on this challenge and making the needed changes,” Koskinen. “This is good for taxpayers, good for tax administrators and good for the tax community.”
Koskinen emphasized that a continuing theme throughout this effort focuses on protecting taxpayer information and privacy. “Working together we can achieve results that none of us, working alone, could accomplish,” he said.
In addition to companies from the private sector, the summit team included several groups including the Electronic Tax Administration Advisory Committee (ETAAC), the Federation of Tax Administrators (FTA) representing the states, the Council for Electronic Revenue Communication Advancement (CERCA) and the American Coalition for Taxpayer Rights (ACTR).
The IRS announced today that criminals used taxpayer-specific data acquired from non-IRS sources to gain unauthorized access to information on approximately 100,000 tax accounts through IRS’ “Get Transcript” application. This data included Social Security information, date of birth and street address.
These third parties gained sufficient information from an outside source before trying to access the IRS site, which allowed them to clear a multi-step authentication process, including several personal verification questions that typically are only known by the taxpayer. The matter is under review by the Treasury Inspector General for Tax Administration as well as the IRS’ Criminal Investigation unit, and the “Get Transcript” application has been shut down temporarily. The IRS will provide free credit monitoring services for the approximately 100,000 taxpayers whose accounts were accessed. In total, the IRS has identified 200,000 total attempts to access data and will be notifying all of these taxpayers about the incident.
As always, the IRS takes the security of taxpayer data extremely seriously, and we are working aggressively to protect affected taxpayers and continue to strengthen our protocols.
The IRS announced today it will be notifying taxpayers after third parties gained unauthorized access to information on about 100,000 accounts through the “Get Transcript” online application.
The IRS determined late last week that unusual activity had taken place on the application, which indicates that unauthorized third parties had access to some accounts on the transcript application. Following an initial review, it appears that access was gained to more than 100,000 accounts through the Get Transcript application.
In this sophisticated effort, third parties succeeded in clearing a multi-step authentication process that required prior personal knowledge about the taxpayer, including Social Security information, date of birth, tax filing status and street address before accessing IRS systems. The multi-layer process also requires an additional step, where applicants must correctly answer several personal identity verification questions that typically are only known by the taxpayer.
The IRS temporarily shut down the Get Transcript application last week after an initial assessment identified questionable attempts were detected on the system in mid-May. The online application will remain disabled until the IRS makes modifications and further strengthens security for it.
The matter is under continuing review by the Treasury Inspector General for Tax Administration and IRS offices, including Criminal Investigation.
The IRS notes this issue does not involve its main computer system that handles tax filing submission; that system remains secure.
On the Get Transcript application, a further review by the IRS identified that these attempts were quite complex in nature and appear to have started in February and ran through mid-May. In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles. During this filing season, taxpayers successfully and safely downloaded a total of approximately 23 million transcripts.
In addition, to disabling the Get Transcript application, the IRS has taken a number of immediate steps to protect taxpayers, including:
- Sending a letter to all of the approximately 200,000 taxpayers whose accounts had attempted unauthorized accesses, notifying them that third parties appear to have had access to taxpayer Social Security numbers and additional personal financial information from a non-IRS source before attempting to access the IRS transcript application. Although half of this group did not actually have their transcript account accessed because the third parties failed the authentication tests, the IRS is still taking an additional protective step to alert taxpayers. That’s because malicious actors acquired sensitive financial information from a source outside the IRS about these households that led to the attempts to access the transcript application.
- Offering free credit monitoring for the approximately 100,000 taxpayers whose Get Transcript accounts were accessed to ensure this information isn’t being used through other financial avenues. Taxpayers will receive specific instructions so they can sign up for the credit monitoring. The IRS emphasizes these outreach letters will not request any personal identification information from taxpayers. In addition, the IRS is marking the underlying taxpayer accounts on our core processing system to flag for potential identity theft to protect taxpayers going forward — both right now and in 2016.
These letters will be mailed out starting later this week and will include additional details for taxpayers about the credit monitoring and other steps. At this time, no action is needed by taxpayers outside these affected groups.
The IRS is continuing to conduct further reviews on those instances where the transcript application was accessed, including how many of these households filed taxes in 2015. It’s possible that some of these transcript accesses were made with an eye toward using them for identity theft for next year’s tax season.
The IRS emphasizes this incident involves one application involving transcripts — it does not involve other IRS systems, such as our core taxpayer accounts or other applications, such as Where’s My Refund.
The IRS will be working aggressively to protect affected taxpayers and strengthen our protocols even further going forward.
- Written Testimony of Commissioner Koskinen on Unauthorized Attempts to Access Taxpayer Data before Senate Finance Committee
- Get Transcript Application: Questions and Answers