Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.
It’s April, which every year brings more news about tax fraud scandals. The news this year, however, is even more disturbing than expected. IBM’s X-Force threat intelligence group released a report last week that showed a 6,000% increase in spam emails designed to steal information from W-2s and other tax documents. Last year, these criminals “earned” over $3 billion through similar scams. And if you were one of the victims, then you are already familiar with the hassles of having your return stolen or a completely false one filed using your identity.
The continuing use of the Dark Web is a major factor behind the acceleration in this form of cybercrime. Stolen identities that include tax information are currently fetching around $40 on illicit marketplaces. While this may not seem like much, it is extremely lucrative when a fishing scam succeeds at stealing thousands of identities. So lucrative, in fact, that would-be scammers can even visit the Dark Web to buy online tutorials on how to perpetrate tax fraud.
Popular scams this year include sending emails that appear to be sent from TurboTax and other tax preparation companies. The hope is that you respond because you use that tax service. So-called spearfishing scams are also targeting corporate human resource departments. They will often send an email to an HR manager, seemingly from a member of the company’s executive staff, requesting W-2 and other tax information on the company’s employees.
Cybercriminals will continue to hone their skills resulting in more convincing emails and websites. They will continue to take advantage of technologies that allow them to increase the number of outbound messages. And they will continue to learn and share new techniques on the Dark Web. This means that all of us, as businesses and as private citizens, need to step up our efforts to protect data. These days, it’s no longer just “a fool and his money” who are soon parted.
As a company, Pondera is closely following the comments coming from the incoming administration about how they are approaching government efficiency and entitlement reform. Paul Ryan, in particular, has made several statements about the Affordable Care Act (Obamacare), Medicare, and Medicaid. This post provides some of our thoughts around how these changes may affect fraud, waste, and abuse.
While changes are clearly coming to Obamacare, this week Speaker Ryan also hinted at potential changes to Medicare and Medicaid. In Medicaid, where Pondera works with multiple states to detect fraud, Ryan hinted that the administration would consider offering tax credits in place of expanding the number of Medicaid recipients. This is necessary because Medicaid expansion, a byproduct of Obamacare, shares its fate with Obamacare.
While the tax credit idea is interesting, it is certainly not without its own problems. Tax credits, which unlike tax deductions offer dollar-for-dollar savings off bottom line taxes owed, are an attractive target for fraudsters. In fact, the Earned Income Tax Credit (EITC), which offers tax breaks to low income Americans, suffers from a 23.8% improper payment rate in 2016. This is one of the highest rates for any government program translating to $15.6 billion in waste.
On the surface, it seems the administration’s idea may shift much or all of the fraud problems in Medicaid expansion from health departments to state tax collection agencies. Here is one thing we can be sure of though: as long as there are large amounts of money in these programs, there will be bad actors who will attempt to defraud the system. And experience shows us that they will create innovative and technologically-advanced methods to support their efforts.