Another IRS tax tool bites the dust
- By Zach Noble
- Jun 27, 2016
The IRS has nixed its online and telephone-based electronic filing PIN offerings following increased cyberattacks.
In a June 23 statement, the agency cited an increasing frequency of automated attacks through which hackers could generate the e-file PINs needed to file fraudulent refunds.
Tax industry insiders have long sounded the alarm on the tool's reliance on Social Security numbers and other static identifiers. Answers to such "out-of-wallet" questions can sometimes be easier for scammers to obtain than answers to the knowledge-based authentication that failed to protect another IRS web tool, Get Transcript.
IRS officials said they were shutting down the e-file PIN options as a precaution to protect taxpayers, and they had already been working with the tax-preparation industry to eliminate the feature.
The tool has been the target of bot attacks since at least February, but officials said they opted to delay taking the tool off-line because most commercial tax-preparation software relies on it to some degree.
As it yanks down insecure web tools, the IRS has been building a new security model that incorporates two-factor authentication and a harder-to-answer series of security questions.
Zach Noble is a staff writer covering digital citizen services, workforce issues and a range of civilian federal agencies.
Before joining FCW in 2015, Noble served as assistant editor at the viral news site TheBlaze, where he wrote a mix of business, political and breaking news stories and managed weekend news coverage. He has also written for online and print publications including The Washington Free Beacon, The Santa Barbara News-Press, The Federalist and Washington Technology.
Noble is a graduate of Saint Vincent College, where he studied English, economics and mathematics.
Click here for previous articles by Noble, or connect with him on Twitter: @thezachnoble.