Thread: Tax Return Cashout Method ??
View Single Post
  #1  
Old 02-19-2025, 04:11 PM
atkinson's Avatar

atkinson atkinson is offline
Join Date: Sep 2022
Posts: 0
Default

TAX RETURNS
This is a very easy method to do and by the end I am sure you will be wondering why more people do not know about it.
It is gaining media attention this year (specifically in FL) and I suspect that within 1-2 yrs the USA legislators will take the steps necessary to close the loopholes in the tax code so this method will at the very least be much more difficult to reproduce. Currently e-file returns undergo little or NO review process at all before he refunds are sent out.
W2’s are not matched from the employer to the return until several weeks AFTER the close of tax season (far too late to catch discrepancies). The best way to protect yourself from any situation is to know exactly what happens, so you will receive information below which is going to show you for EDUCATIONAL PURPOSES ONLY what a criminal does to fraudulently obtain a tax refund under someone else’s info which should help you protect yourself from such theft.
Scammers need the following:
1) Fullz Info (name, dob, ssn and address)
2) Drop address (foreclosed home, home for sale, rental home, abandoned house or verified drop service) –address can be different from that of the previous tax returns since the return is verified with the AIG PIN from the previous year confirming the address.
3) VPN, Proxy, Sock5, public computer access (wifi also works) -5socks.net
- Check your IP address in system anti fraud detections, detecting real location will display the users current IP info including whether or not the connection is flagged, blacklisted, etc.
-Socks can be found on the forums easily. Or via vendors.
4) Clean email such as hushmail, created while VPN is active! Email is always accessed via secure/anonymous connections and never without first clearing all cookies/cache.
Scammers first gain access to fullz info (name, dob, ssn and address, sometimes filing status). This is very easy to do thru carding forums, employer databases, hacked dbs, inmate dbs, SSN (deceased) dbs, etc. With this info they file w2 federal returns before the SSN holder has a chance to do their own (legitimate) taxes, thereby receiving a fraudulent refund prior to that person receiving theirs. Younger filers return fewer errors since there is less chance of a mismatch on filing status when obtaining the PIN than with older people who may be divorced, married filing separate, married joint filing, etc. When the AIG PIN is confirmed there is little to worry about (IRS allows 3 tries to get AIG pin info right, then locks out the SSN from further attempts. A rejection could be due to bad address, dob or filing status or a combination.) If the SSN is rejected, a new one must be attempted.
To stay protected the scammer will use a VPN service (such as cryptocloud, which is the best VPN available and keeps no logs) which accepts anonymous payment such as LR or money service such as MG or WU. Alternatively they may use proxies, public computer access or SOCKS5 to mask their IP address. This is to prevent any IP logs when filing thru turbotax (TT) or when requesting AIG PIN via IRS website. It’s best to pay for any service (CryptoCloud included) via a secure line, anonymous PC or stolen wifi).
The users will either file thru the IRS e-file directly or file thru the TurboTax website via the free federal EFILE method. TT offers the advantage of a step by step method, cutting down on time so a scammer can complete a return in as little as 30 minutes. This method works so well for them because the IRS doesn’t verify the submitted tax return prior to sending out the refund, in a way (as some news articles stated) the IRS becomes an unwitting accomplice in the matter by having such lax controls. Within 72 hrs of receiving confirmation of a good return, the IRS sends the refund automatically.
The scammer will turn on their VPN, proxy, SOCK5, etc prior to starting to ensure a clean connection (cookies cleared, cache cleared, new window open, check IP address via IP-score, etc). The best way to operate is with VPN on, and on top of that, use Sock5 in the browser for whatever state you’re filing. This makes TT think you’re filing in that state. They start by taking the account information and verifying the AIG PIN prior to starting. If the AIG PIN isn’t available the return can’t be filed and the rest of the work would be a waste of time. In some cases an error will be returned stating there is no PIN, that is OK it just means the person didn’t file a return in the prior year in which case the scammer will check “NO 2012 RETURN FILED†during the return process.
First the scammer verifies the SSN is good by obtaining the AIG PIN (this is the pin verifying the filer is in fact the person whose SSN is being entered). The AIG PIN can be requested via http://https://www.irs.gov/individua...ng-pin-request (ON A SECURE CONNECTION) if the filer cannot remember their Gross Adjusted Income (AIG) from the previous year.
Once verified the scammer creates a profile of the person and creating a TT profile and beginning the guided process. It is not necessary to save the info as it is entered as it only takes 10mins per return on avg. At the end of the return TT requires a profile be created prior to submitting. This is what the throwaway email is for
Telegram @CrookedSmile8