Tax refund theft is an annual concern and 2025 brings an elevated risk, according to a TransUnion (NYSE: TRU) analysis.
Researchers found that in 2024 there were “970 data breaches in which fraudsters obtained the kinds of personally identifiable information (PII) required for various forms of tax fraud.”
In total, 640 million consumer records were “exposed in 2024, containing critical pieces of information like Social Security numbers, address histories, and full names.”
A TransUnion report found full Social Security numbers “were exposed in 71% of data breaches in the first half of 2024 alone—up from 57% in all of 2023.”
The exposed information can help fraudsters “file false tax returns in a victim’s name, or access someone’s bank account to intercept their tax return.”
What they found is that the volume and severity of recent data breaches have created “tremendous vulnerability.”
Government agencies, like the IRS, as well as financial institutions and consumers “need to be alert to this threat.”
Many fraudsters will target call centers to either test the veracity of PII acquired from criminal marketplaces, or to directly impersonate a victim.
Call center leaders must look out for suspicious calls—such “as those that show signs of spoofing, or those placed through a Voice-over-IP service—even for routine requests like address changes or tax return tracking.”
In addition, fraudsters will access online government portals with stolen PII to validate “stolen identity information, file false returns or intercept return status updates.”
Agencies should employ identity verification and document authentication technologies to flag impersonators “who may also use AI to generate photo-realistic credentials.”
The researchers note branded calling tools are “likely needed for agencies looking to proactively notify taxpayers whose returns are at risk, given the volume of government impersonation fraud.”
A recent TransUnion survey found that “62% of consumers won’t answer a call from a number or caller ID name they don’t recognize, even if they’re expecting a call from a government agency.”
While the government should look out for fraudsters attempting to falsely file and claim tax returns, banks and other financial institutions “should check to confirm that the payee matches the account owner on record.”
This can help ensure that incoming funds are intended for that customer.
Even prior to this point, however, banks should already be “scrutinizing their deposit account openings to check for potentially fraudulent account creations that are used for criminal activities like drop accounts and mule accounts.”
Similarly, financial institutions should “remain diligent to try to protect their existing deposit accounts from account takeovers.”
Consumers can also protect themselves by “monitoring their bank account activity and credit history.”
When they know their tax refund is due, they can “check regularly to ensure it remains in their account.”
They can also use credit monitoring services “to know if fraudsters have created new accounts in their name.”
As noted in the update, TransUnion is a global information and insights company with over “13,000 associates operating in more than 30 countries. We make trust possible by ensuring each person is reliably represented in the marketplace.”
They do this with a Tru picture of each person: an “actionable view of consumers, stewarded with care.”
Through acquisitions and technology investments they have developed innovative solutions that “extend beyond our strong foundation in core credit into areas such as marketing, fraud, risk and advanced analytics.”
As a result, consumers and businesses can “transact with confidence and achieve great things.”