Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Fraud & Identity Theft

IRS Shuts Down e-File PIN Tool After More Attacks

The U.S. Internal Revenue Service (IRS) announced last week that it has decided to shut down the electronic filing PIN tool on its website after detecting more automated attacks.

The U.S. Internal Revenue Service (IRS) announced last week that it has decided to shut down the electronic filing PIN tool on its website after detecting more automated attacks.

The e-File PIN tool on allowed taxpayers to generate PINs that they could use to file tax returns online. The agency reported in February that identity thieves had obtained more than 100,000 PINs by launching an automated bot attack against the tool.

Fraudsters had used names, addresses, dates of birth, filing statuses and social security numbers obtained from other sources to abuse the e-File PIN tool. The IRS kept the application online – at the time it had been used by most commercial tax software products – but implemented additional security features.

The agency recently detected another round of automated attacks at an increasing frequency and despite only a small number of PINs being affected, it has decided to shut down the program as a safety measure. The IRS believes only a small segment of taxpayers are affected because most users don’t actually need the PIN to electronically file tax returns.

The IRS said taxpayers can use the adjusted gross income that can be found in the tax returns from the prior year. For those who don’t have copies of tax returns, they can be obtained via the Get Transcript service.

“Prior to this, the IRS had been working with industry to assess elimination of the e-File PIN later this year,” the agency said.

Earlier this year, the organization also suspended its Identity Protection PIN tool due to security concerns. The tool allows taxpayers to generate or recover a PIN that provides an extra layer of protection against fraudulent tax returns.

Advertisement. Scroll to continue reading.

The IRS recently relaunched its Get Transcript service after it had been shut down for more than a year. The service was launched in January 2014 and suspended in May 2015 due to abuse. Several people have been prosecuted for running fraud schemes involving Get Transcript.

The agency says it has made some significant improvements to the Get Transcript authentication process in an effort to prevent fraudsters from abusing the system.

Related: IRS “Get Transcript” Incident Hit Over 700,000 Taxpayers

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.


Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam.


Spanish and US authorities have dismantled a cybercrime ring that defrauded victims of more than $5.3 million.

Application Security

After skipping last month, Adobe returned to its scheduled Patch Tuesday cadence with the release of fixes for at least 38 vulnerabilities in multiple...

Application Security

Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a...