Facebook Vice President David Marcus is the face of the company's Libra digital currency, but the original driving force was a 26-year-old female corporate-development...Technologyread more
Amazon's new policy for account suspensions doesn't go far enough to protect sellers from potentially unfair and wrongful suspensions, merchants say.Technologyread more
There is no end in sight to the Boeing 737 Max grounding after two fatal crashes, prompting airlines to rethink their growth plans.Airlinesread more
After a year of flooding, Midwest farmers face a stifling heat wave that's spreading across the U.S.Weather & Natural Disastersread more
On Saturday, Disney's Marvel Studios announced its upcoming slate of superhero films during a panel at San Diego Comic-Con.Entertainmentread more
Moving lots of data to a public cloud over the internet can take months or years. CNBC got an inside look at how AWS transfers data to the cloud for its clients.Technologyread more
A quarter of the S&P 500 companies report earnings next week, and that could buffet the market as investors await the July Fed meeting.Market Insiderread more
Iran's Revolutionary Guard claims a British tanker it still holds, Stena Impero, failed to follow international maritime rules.World Newsread more
"It troubles me that the most important political office in the world is becoming the face of racism and exclusion," Kaeser said in a Twitter post.Politicsread more
Silver's rally could be losing its shine after the precious metal reached its year-to-date high, futures experts warn.Futures Nowread more
Some 40% of Americans would struggle to come up with even $400 to pay for an emergency expense. Just how are so many Americans so short on cash? Blame debt.Personal Financeread more
The recent flood of fraudulent tax returns—both state and federal—is the work of "a criminal gang, possibly working outside the country," a leading cyber security expert told NBC News.
Haywood Talcove, CEO for government solutions at LexisNexis, believes the gang is using stolen user names and passwords to gain access to the accounts of people who use online tax preparation software.
"This is potentially the most serious breach of personally identifiable information in the history of our country," Talcove said. "The tax form is the mother lode of personal information."
Armed with this stolen information—Social Security number, date of birth, dependents, employer and adjusted gross income—the thieves can file bogus state and federal income tax returns. If they can file before you do and their fake return makes it through the system, they can steal a sizeable refund.
The IRS says that it is working with the software industry and with state tax officials to battle fraud. "Preventing and detecting identity theft and refund fraud remains a top priority for the IRS," the agency said in a statement on Friday. It added that taxpayers should continue to file their tax returns as they normally would.
The vulnerability of online tax preparation services became apparent last week when the Utah Tax Commission and the Minnesota Department of Revenue found thousands of potentially fraudulent returns. Those returns were filed using TurboTax, the popular program made by Intuit.
Intuit temporarily stopped the transmission of e-filed state income tax returns on Friday while it investigated. It resumed processing state returns after announcing that it implemented additional verification measures, such as multi-factor authentication, a technology that has proven effective at preventing identity theft.
In a blog post on Friday, the company wrote that filing of federal returns was not affected. But on its Answer Exchange page (how did my TurboTax account get hacked into), a half-dozen customers reported fraud problems with their federal return. The company agrees that is the case.
"We're absolutely aware that tax fraud is happening at the federal level as well, using compromised credentials," Julie Miller, Intuit's vice president of communications told NBC News. "This is a multi-front battle and we are going to fight it at both the state and federal level."
Intuit insists its systems were not breached. The company suggests that victims had their TurboTax login information stolen from "other sources outside the tax preparation process," possibly through a phishing scam or some other online attack.
Lisa Letchworth, who lives in Washington State, doesn't know how it happened, but crooks got into her TurboTax account. Last Tuesday, when she logged on to start her federal return, she got a nasty surprise. A message on the screen said her return had already been filed and the IRS was issuing a refund of $5,013 to someone else on a prepaid card.
"It freaked me out," she said.
Letchworth was able to see the bogus return the criminals had filed. They had all the information from last year's return -- including the names and Social Security numbers of everyone in her family, employer names, even a special education credit she claimed.
"It's really frightening," she said. "It's painfully clear they got into my account."
Because the crooks filed first, Letchworth and her husband will have to prove to the IRS that they were the victims of identity theft. Letchworth said the IRS told them it could take six months to straighten out all the paperwork and get them their refund.
What's going on here?
Tax return fraud isn't new. It's been a massive problem for both the IRS and states with an income tax. The IRS reports that it has blocked more than $63 billion in fraudulent returns since 2011.
Online tax preparation software makes it easy for crooks to create a fake return. Having the refund deposited to a prepaid card provides a low-risk way to access the stolen money.
And the crooks are getting better at beating the system.
Instead of using stolen Social Security numbers to create their fraudulent returns, they buy compromised credentials to gain access to past returns stored on tax preparation software. Using information from a real return to create a false one improves the odds that it will evade detection.
Security expert Brian Krebs told NBC News that he's found login credentials for TurboTax, H&R Block and similar services being sold on the dark web for just pennies each.
"Typically, the usernames and passwords for consumer accounts at these services are obtained via password-stealing malware that infects end-user PCs," Krebs writes on his blog.
What can you do to protect yourself?
If you use online tax preparation software, especially the kind that stores your completed tax returns, change your login information right away. That's really the only thing you can do.
Security experts believe this crime wave will get worse unless the states and the IRS deploy better procedures and more sophisticated software that can detect and stop possible return fraud.