My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Anthem, TurboTax and How Things "Fit Together" Sometimes

Published: 2015-02-06. Last Updated: 2015-02-06 21:22:46 UTC
by Johannes Ullrich (Version: 1)
4 comment(s)

Everybody probably heard of the Anthem data breach. If you are affected, you probably got an e-mail from your HR person with some details by now, or you got a phishing e-mail making sure you can enjoy the "Breached" feeling even without having a health plan with Anthem. 

Whenever there is a big event, be aware that others may jump on the coat tails of the news coverage to take advantage of the general confusion. Hardly any "Anthem" customers actually hear of the name before, as they typically use a local healthplan that is part of the larger Anthem network.

If you receive any phishing emails (only got one so far, but I bet there are more out there) , then please forward it.

On the same note: What is someone going to do with your social security number? The standard answer is "identity theft" and "taking out a loan in your name". Either method is actually quite laborious, and people comiting fraud don't do it because they like to work hard for their money. Turns out there is an easier way, and that gets us to the second story today:

TurboTax (Intuit) today announced that they will not process state returns due to excessive fraud. Tax season of course is just heating up in the US, and TurboTax decided to stop processing state returns after at least one state refused to accept them due to a high rate of fraud for returns filed with TurboTax.

Apparently, for your convenience, TurboTax saved the information you submitted in prior years. If you have ever filled out a tax return, this information can be difficult to dig up. To retrieve this information, you need your global universal password: Your social security number. The result is that by using Turbo Tax, and knowing a tax filers Social Security Number, fraudsters can very easily assemble a plausible tax return and pocket the refund. This fraud is often undetected until the actual tax payer submits a return. In this case, the later return is rejected and now the legitimate tax payer has to proof that their return is more legitimate then the earlier one. This can lead to extensive delays in receiving a refund.

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

4 comment(s)
My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Comments

The TurboTax point is slightly misleading. From Intuit's press release: "Intuit took the precautionary step Thursday, Feb. 5, of temporarily pausing its transmission of state e-filing tax returns. Intuit will be working with the states today to begin turning transmissions back on"

That said, glad somebody's finally taking notice of this issue and forcing a sanity check.
Maybe it's time for the government and private enterprise to assume all social security numbers are compromised and figure out what comes next re consumer security.
South Carolina e-filing is working.
"...In this case, the later return is rejected and now the legitimate tax payer has to proof that their return is more legitimate then the earlier one. This can lead to extensive delays in receiving a refund..."

And this is one of two reasons I always try to adjust my withholding so I owe the IRS money (but not so much I pay a penalty), not the other way around. Any rational person looking at two returns, one legit, one fraudulent, where one says they get a refund, and the other says they owe the IRS and include some money, can pick out the real one.

Diary Archives