IRS Shuts Down e-File PIN Tool After More Attacks

The U.S. Internal Revenue Service (IRS) announced last week that it has decided to shut down the electronic filing PIN tool on its website after detecting more automated attacks.

The e-File PIN tool on IRS.gov allowed taxpayers to generate PINs that they could use to file tax returns online. The agency reported in February that identity thieves had obtained more than 100,000 PINs by launching an automated bot attack against the tool.

Fraudsters had used names, addresses, dates of birth, filing statuses and social security numbers obtained from other sources to abuse the e-File PIN tool. The IRS kept the application online – at the time it had been used by most commercial tax software products – but implemented additional security features.

The agency recently detected another round of automated attacks at an increasing frequency and despite only a small number of PINs being affected, it has decided to shut down the program as a safety measure. The IRS believes only a small segment of taxpayers are affected because most users don’t actually need the PIN to electronically file tax returns.

The IRS said taxpayers can use the adjusted gross income that can be found in the tax returns from the prior year. For those who don’t have copies of tax returns, they can be obtained via the Get Transcript service.

“Prior to this, the IRS had been working with industry to assess elimination of the e-File PIN later this year,” the agency said.

Earlier this year, the organization also suspended its Identity Protection PIN tool due to security concerns. The tool allows taxpayers to generate or recover a PIN that provides an extra layer of protection against fraudulent tax returns.

The IRS recently relaunched its Get Transcript service after it had been shut down for more than a year. The service was launched in January 2014 and suspended in May 2015 due to abuse. Several people have been prosecuted for running fraud schemes involving Get Transcript.

The agency says it has made some significant improvements to the Get Transcript authentication process in an effort to prevent fraudsters from abusing the system.

Source:http://www.securityweek.com/

Advertisements

About webimprint

Webimprints is the leading company which provides global information security services to the client around the World.
This entry was posted in Cyber Security and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s