Tax season is in full swing, with consumers having about a month remaining to file their federal and state returns.

And according to a TransUnion analysis, tax refund theft is an annual concern, with this year including an elevated risk.

Researchers found that in 2024 there were 970 data breaches in which fraudsters obtained the kinds of personally identifiable information (PII) required for various forms of tax fraud.

In total, TransUnion reported 640 million consumer records were exposed in 2024, containing critical pieces of information like Social Security numbers, address histories, and full names.

Another recent TransUnion research project found full Social Security numbers were exposed in 71% of data breaches in the first half of 2024 alone — up from 57% in all of 2023.

Experts said the exposed information can help fraudsters file false tax returns in a victim’s name, or access someone’s bank account to intercept their tax return.

“What we found is that the volume and severity of recent data breaches have created tremendous vulnerability,” said Greg Schlichter, director of research and consulting for TransUnion’s public sector business. “Government agencies, like the IRS, as well as financial institutions and consumers need to be alert to this threat.”

TransUnion explained many fraudsters will target call centers to either test the veracity of PII acquired from criminal marketplaces, or to directly impersonate a victim.

Experts said call center leaders must look out for suspicious calls — such as those that show signs of spoofing, or those placed through a Voice-over-IP service — even for routine requests like address changes or tax return tracking.

In addition, TransUnion pointed out that fraudsters will access online government portals with stolen PII to validate stolen identity information, file false returns or intercept return status updates.

Experts said agencies should employ identity verification and document authentication technologies to flag impersonators who may also use AI to generate photo-realistic credentials.

“There are a number of fraud prevention tools that agencies can leverage,” TransUnion U.S. head of fraud Naureen Ali said. “Using call authentication and identity resolution capabilities will make it easier to thwart fraud attempts that use stolen and synthetic identities.”

Researchers also noted branded calling tools are likely needed for agencies looking to proactively notify taxpayers whose returns are at risk, given the volume of government impersonation fraud.

A recent TransUnion survey found that 62% of consumers won’t answer a call from a number or caller ID name they don’t recognize, even if they’re expecting a call from a government agency.

While the government should look out for fraudsters attempting to falsely file and claim tax returns, TranUnion suggested that banks and other financial institutions should check to confirm that the payee matches the account owner on record. This can help ensure that incoming funds are intended for that customer.

“Even prior to this point, however, banks should already be scrutinizing their deposit account openings to check for potentially fraudulent account creations that are used for criminal activities like drop accounts and mule accounts,” TransUnion said. “Similarly, financial institutions should remain diligent to try to protect their existing deposit accounts from account takeovers.

“Consumers can also protect themselves by monitoring their bank account activity and credit history. When they know their tax refund is due, they can check regularly to ensure it remains in their account. They can also use credit monitoring services to know if fraudsters have created new accounts in their name,” TransUnion went on to say.