The tax return called for the refund to be sent to a Walmart employee — not the country’s most powerful law enforcement official.
Yet the return, filed a year ago, used the name, Social Security number and birthdate of Eric Holder. The U.S. attorney general had just become a victim of identity theft fraud.
The case, prosecuted here in Atlanta, shows how easy it is to gain access to personal information and exploit it for financial gain. The Holder case, for example, involved two former high school buddies from DeKalb County, now 21, who have both pleaded guilty.
“Identity theft has literally exploded, with fraudsters using the stolen information for everything from tax refund fraud to credit card fraud,” U.S. Attorney Sally Yates said. “If the Attorney General of the United States can be be victimized, anyone can.”
Anyone with an identity will have it stolen one day, security experts say.
“Identity theft is becoming the third certainty in life,” said Adam Levin, the former director of New Jersey’s office of consumer affairs and chairman of Identity Theft 911. “It’s prevalent. It’s getting worse. You can put off the day of reckoning, but inevitably at some point in your life you’ll become a victim.”
Security breaches have dominated the news in recent months. Target, Neiman Marcus and Michaels Stores disclosed hacks or thefts involving millions of customers’ IDs. This week, researchers warned about a threat known as Heartbleed that could compromise email and other online accounts.
‘Importer/exporter’ for Vandelay Industries
Last year, the IRS assigned more than 3,000 employees to work on identity theft cases, twice as many as the year before. From 2011 through November 2013, the IRS stopped 14.6 million suspicious tax returns, protecting more than $50 billion in fraudulent refunds, the agency said.
Such was the case with the return filed under Holder’s name, which the IRS caught before it was fully processed.
The two men who obtained Holder’s and others’ personal IDs from black market Internet sites were able to process a number of fraudulent claims. One victim told the court that his wife was pregnant with the couple’s seventh child at the time his identity was stolen, and the false tax return kept the couple from getting their legitimate and much-needed refund.
The scam was carried out by Yafait Tadesse, then a University of West Georgia student and a former honor student at Southwest DeKalb High School, and Eyaso Abebe, a Stone Mountain man who describes himself on his Facebook page as an “Importer/Exporter” for Vandelay Industries — the fictitious company concocted by George Constanza on the TV show “Seinfeld.”
Tadesse was recently sentenced to a year and a day in federal prison. Abebe is to be sentenced in August.
Tadesse’s lawyer, federal defender Suzanne Hashimi, said there is no evidence that either defendant recognized Holder’s name or knew he was the attorney general. Federal prosecutors also say they do not believe Holder was targeted because of his position.
The fake returns filed by Tadesse and Abebe claimed refunds for Walmart employees earning similar wages. These were to be loaded onto prepaid debit cards that listed the address of Tadesse’s apartment complex in Carrollton.
Fraudulent filing — on the neighbor’s wifi
Once federal authorities were alerted that a refund was issued under Holder’s name, they tracked the filing to an IP address in Abebe’s DeKalb neighborhood. Prosecutors said Abebe was using his neighbor’s wireless connection to file the fraudulent returns, and agents later obtained surveillance videos showing Tadesse using one of the prepaid cards at Kroger, Publix and Walmart stores in Carrollton.
The men sought $24,050 in refunds, although just $4,014 was actually issued.
In a statement issued this week, Holder said the public must be vigilant as the April 15 tax filing deadline approaches.
“After all, identity thieves can target anyone – something I saw firsthand last year, when two people attempted to get a fraudulent tax refund using my personal information,” Holder said.
Security expert Robert Siciliano, president of bestIDtheftcompanys.com, estimated that tax identity fraud nets thieves more than $4 billion a year.
“A problem is that, with filing taxes, it’s all based on the honor system,” Siciliano said. “So long as everyone is being honest, there will be no problems. But there are a lot of wolves out there.”
Identity theft can be committed a multitude of ways, because our personal information exists on so many databases, including those of schools, government agencies, doctor’s offices, hospitals, insurance companies and utilities.
Insiders commit most identity theft, Siciliano said. “It could be an orderly in a hospital, someone in an HR office, a bookkeeper at an accounting firm. It’s anybody with access to the data.”
Fraudsters then buy the ID information and use it to open lines of credit under unsuspecting victims’ names, ruining their credit. It can take months, even years, to clean up such a mess.
Stealing grads’ names right off the program
In one example last year, thieves allegedly picked up programs at graduation ceremonies of Emory University’s law and medical schools and then used the names to obtain the graduates’ birthdates and Social Security numbers from online databases, authorities said.
The two defendants, Maario Coleman, 27, and Angela Russell, 42, then applied for postgraduate “bar loans” and “residency loans” under the students’ names at Discover Bank, prosecutors said. Such loans are used to cover law students’ living expenses and preparation for the bar exam and med students’ residency expenses and their board exam review courses.
Because Discover Bank often requires school transcripts before approving these loans, Coleman and other co-conspirators used the students’ IDs to obtain passwords to access Emory’s online portal and order transcripts, prosecutors allege. Coleman sent the transcripts to the bank, which approved loans that were deposited into bank accounts fraudulently opened in the students’ names, prosecutors said.
Investigators have identified more than $200,000 in false loan applications taken out over the course of the alleged scheme under the names of more than 100 students at Emory and other Georgia colleges.
Coleman and Russell, who have entered not guilty pleas, were arrested Nov. 6. That day, law enforcement officials said, they found both at Russell’s apartment, and a fire burning in the fireplace. Agents put out the fire and found charred documents and computer hard drives and a laptop that were burned and dismantled, prosecutors said.
PROTECT YOUR GOOD NAME
Identity theft experts Adam Levin and Robert Siciliano say most people should operate under the assumption that their personal identifying information has already been compromised. But they offer these tips on how to minimize, manage and monitor any possible damage:
- Shred all documents that contain your personal identifying information.
- Never carry your or your children’s Social Security cards.
- Do not conduct personal banking on your cell phone in areas that offer free WiFi service.
- Make passwords to your accounts long, strong and not easily decipherable, and do not share passwords across different sites. (Also, do not use your email address as your user ID.)
- Be highly skeptical of any email that asks you for personal identifying information.
- File your taxes early to stay one step ahead of fraudsters who may be trying to file false returns under your name.
- Consider buying identity theft protection, which can monitor your Social Security number and alert you when it’s used to obtain a loan.
- Get a credit freeze that prevents any lender from seeing your credit report without your authorization.
- If someone claiming to be from a company or government agency calls and asks for your personal information, hang up the phone and call that entity’s customer service desk.
- Get in the habit of taking a few minutes each day to check your bank and credit card accounts to make sure all transactions listed on those accounts are ones you made.
- If you believe you may be a victim of tax return-related identity theft, contact the IRS Identity Protection Specialized Unit at 800-908-4490, extension 245 (Monday through Friday, 7 a.m. - 7 p.m. local time).
TAX RETURNS FOR PRISONERS
In recent years, the U.S. attorney in Atlanta has prosecuted a number of cases in which individuals used creative ways to commit identity theft fraud. Among them:
- Bernardo Davis, a Stockbridge tax preparer, was sentenced in February to 21 1/2 years in prison for leading thousands of victims to believe they could apply for federal stimulus payments or government funds if they provided their names and Social Security numbers. Davis and other co-conspirators used these stolen IDs to file fraudulent returns seeking more than $19 million in bogus refunds. Evidence at Davis’ trial showed that more than 1,600 refund checks were sent to his home address.
- Cora Cadia Ford, of Stone Mountain, was sentenced in January to 9 years and 3 months in prison for filing false tax returns using stolen identities, including those of homeless and disabled people. In some instances, Ford would persuade victims to give her their IDs so she could apply for homeless grants on their behalf. Ford, who ran a small church with her now-deceased husband, also told parishioners she would file tax returns on their behalf and it would be a “gift from God,” prosecutors said.
- Bradford Thomas, of Cobb County, was sentenced this month to 10 years and 1 month in prison for using the stolen identities of prisoners to file false federal income tax returns. Over three years, Thomas orchestrated a scheme to file more than 1,200 bogus returns using the names and Social Security numbers of many victims who were incarcerated in prisons and jails throughout the country. His scam resulted in a loss of more than $1.6 million in tax dollars, prosecutors said.