• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Not With My Face You Won't!!!! (STOP This IRS Plan!!)

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
They even made it official .....


IR-2022-27, February 7, 2022

WASHINGTON — The IRS announced it will transition away from using a third-party service for facial recognition to help authenticate people creating new online accounts. The transition will occur over the coming weeks in order to prevent larger disruptions to taxpayers during filing season.

During the transition, the IRS will quickly develop and bring online an additional authentication process that does not involve facial recognition. The IRS will also continue to work with its cross-government partners to develop authentication methods that protect taxpayer data and ensure broad access to online tools.

"The IRS takes taxpayer privacy and security seriously, and we understand the concerns that have been raised," said IRS Commissioner Chuck Rettig.

"Everyone should feel comfortable with how their personal information is secured, and we are quickly pursuing short-term options that do not involve facial recognition."

The transition announced today does not interfere with the taxpayer's ability to file their return or pay taxes owed. During this period, the IRS will continue to accept tax filings, and it has no other impact on the current tax season. People should continue to file their taxes as they normally would.


IRS announces transition away from use of third-party verification involving facial recognition | Internal Revenue Service

IR-2022-27, February 7, 2022 — The IRS announced it will transition away from using a third-party service for facial recognition to help authenticate people creating new online accounts.
www.irs.gov www.irs.gov
 
Reviving this. Today I, my wife, and my neighbor all got the following email from ID.me:

Your trust and security are important to us. We routinely monitor all ID.me accounts for anomalous activity, and we recently detected unusual activity that suggests an unauthorized attempt to access your account.

To restore access, please reset your password by clicking on the link below.
Click to expand...

These always make me paranoid, so I went directly to the site, and sure enough, I can't login and need a new password. So I tried this on my account, and my wife's. It never sends either of us the MFA code by phone, although it does have the correct number and email address.

Anyone else get this email today?
 
WilliamM2 said:
Reviving this. Today I, my wife, and my neighbor all got the following email from ID.me:



These always make me paranoid, so I went directly to the site, and sure enough, I can't login and need a new password. So I tried this on my account, and my wife's. It never sends either of us the MFA code by phone, although it does have the correct number and email address.

Anyone else get this email today?
Click to expand...
There was a massive near total hack of National Public Data records publicized finally in July/August (which was breached actually late last year, partially leaked initially in April this year, only finally admitted in August) - up to 3 billion personal records including social security numbers with name and address, as well as e-mail addresses, phone numbers, and in some cases passwords, all sold on the Dark Web from this one breach.
www.kiplinger.com

Nearly 3 Billion People Hacked in National Public Data Breach. What You Need to Know

A database of almost 3 billion people's personal information stolen from National Public Data, a background checking company, was for sale on the dark web for $3.5 million.
www.kiplinger.com www.kiplinger.com
 
WilliamM2 said:
Reviving this. Today I, my wife, and my neighbor all got the following email from ID.me:



These always make me paranoid, so I went directly to the site, and sure enough, I can't login and need a new password. So I tried this on my account, and my wife's. It never sends either of us the MFA code by phone, although it does have the correct number and email address.

Anyone else get this email today?
Click to expand...
You were wise to go directly to the site. I can't help with your question but I've been getting a bunch of verification type of requests from my accounts lately.

As far as that data breach goes, capital one alerted me this week that my name, social and an address from the late 80's early 90's was on the dark web. With that type of knowledge phishing attempts will be on the rise so be vigilant.
 
balloonshark said:
You were wise to go directly to the site. I can't help with your question but I've been getting a bunch of verification type of requests from my accounts lately.
Click to expand...

I just found it odd that all three people I interacted with today got the email. So it really didn't look like a phishing attempt, all three of us have different last names.

And then not being able to reset the password, I wondered if ID.me had some system wide glitch.

No other password reset requests from any other company/service.
 
WilliamM2 said:
I just found it odd that all three people I interacted with today got the email. So it really didn't look like a phishing attempt, all three of us have different last names.

And then not being able to reset the password, I wondered if ID.me had some system wide glitch.

No other password reset requests from any other company/service.
Click to expand...
I didn't mean to imply that it was a phishing attempt. Just that you were wise not to click the link in the email and enter your details. It is always best to go directly to the source and that's what you did.

FWIW I'm searching bing for "email from id.me wants me to reset password" and I'm not getting any helpful results.
 
balloonshark said:
I didn't mean to imply that it was a phishing attempt. Just that you were wise not to click the link in the email and enter your details. It is always best to go directly to the source and that's what you did.

FWIW I'm searching bing for "email from id.me wants me to reset password" and I'm not getting any helpful results.
Click to expand...
I didn't get any results with Google either, at least none that were recent. I did find a reddit post about 3 years old. But he was able to reset his.
 
Lost_in_the_HTTP said:
This is also why our Uncle should never have been allowed to use third party services of any kind.
Click to expand...

Well at least they use MFA. You need to use a password, then you receive an email, then enter code they send you by voice or text over the phone. But the phone code is not arriving for any of us.
 
brycejones said:
You do realize all that data is already available through commercial services or on the dark web right?
Click to expand...
I recently pulled my free risk report from LexisNexis. It's crazy the info they have. It's what insurance companies use to gauge your risk.
 
JTsyo said:
I recently pulled my free risk report from LexisNexis. It's crazy the info they have. It's what insurance companies use to gauge your risk.
Click to expand...
Malwarebytes has pretty good history of your digital history, things like passwords being spilled by what ever web site. Fortunately, it appears the ones they came up with I'm not concerned about as they are real old. Still, I'm tempted to buy some sort of insurance as access to financial stuff and my accumulation scares the crap out of me. All of it accessed online.
Fortunately, while I was still working I had access to government sites which required standard government online security training, on a yearly basis for over a decade.
 
hal2kilo said:
Malwarebytes has pretty good history of your digital history, things like passwords being spilled by what ever web site. Fortunately, it appears the ones they came up with I'm not concerned about as they are real old. Still, I'm tempted to buy some sort of insurance as access to financial stuff and my accumulation scares the crap out of me. All of it accessed online.
Fortunately, while I was still working I had access to government sites which required standard government online security training, on a yearly basis for over a decade.
Click to expand...
You can freeze your credit, and unfreeze it when you specifically plan to apply for something 🙂
 
iRONic said:
Is this the one that SSA made us change to recently?

*grudgingly checks his password list
Click to expand...

SSA now uses LOGIN.GOV OR ID.me you can pick either one you want. I switched from the password model to the LOGIN.GOV and it did not require a picture...
 
nakedfrog said:
You can freeze your credit, and unfreeze it when you specifically plan to apply for something 🙂
Click to expand...

We've done this now for like 6-8 years. Considering the # of times the average person needs to have their credit pulled, it should be a no brainer.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top