Ayodele Arasokun was sentenced to 34 years in federal prison for orchestrating an international tax scheme.
According to the court documents, from January 2016 to November 2017, Arasokun devised a scheme to unlawfully obtain tax refund money by filing fraudulent federal income tax returns. Arasokun collected the names, dates of birth, and Social Security numbers (SSNs) of multiple individuals across the U.S. Using this information, Arasokun compromised the IRS Electronic Filing Pin application, an online electronic portal used for e-filing.
The government didn’t allege that he pushed the button for all of the returns to file them, but it doesn’t have to show that to prove a conspiracy, which was one of the 21 counts.
Arasokun then electronically filed and attempted to e-file fraudulent federal income tax returns. The returns contained fictitious income amounts, withholdings, and other false information. He then directed tax refunds to be deposited into prepaid debit cards and bank accounts that he monitored.
Investigators discovered that Arasokun was tracking approximately 700 U.S.-based accounts containing over $50 million. Of the $9.1 million claimed by Arasokun in false federal income tax returns, the IRS paid out $2.2 million in fraudulently obtained refunds.
Arasokun is originally from Nigeria. However, he was arrested and detained in France, where he allegedly participated in the crime at the request of the U.S. government. To ensure that he showed up to face the charges, the government requested a “Red Notice” from INTERPOL, basically an international arrest warrant.
Conviction
A jury convicted Arakosun in October 2022 of 21 counts of wire fraud and aggravated identity theft. According to court documents and statements, Arasokun, who was just outside of Paris, France, coordinated a scheme to file 1,701 false returns with West Virginia residents among the victims.
After the initial verdict, U.S. Attorney William Ihlenfeld said, “The jury’s verdict sends a clear message to criminals everywhere: don’t mess with the IRS.” He added, “We have the best cybercrime investigators in the world and if you tamper with our tax system, we will find you, extradite you, and incarcerate you.”
Investigation
The crime was investigated by IRS-Criminal Investigation and the Treasury Inspector General for Tax Administration (TIGTA) – Cybercrime Investigations Division investigated. TIGTA was involved because of its work investigating abuses of the IRS’s online electronic portals, including the Electronic Filing Pin application, which was compromised in this case.
An e-filing PIN is used to help taxpayers protect their accounts when filing their tax returns electronically. It’s important to note that an e-filing PIN is not the same as an Identity Protection Personal Identity Numbers (IP PIN). The latter is a unique six digit sequence that helps the IRS verify a taxpayer’s identity: when you have an IP PIN, it prevents someone else from filing a tax return with your SSN since returns which don’t include the correct IP PIN may be booted back. The e-filing and IP PINS aren’t interchangeable.
The government’s initial filings did not explicitly draw a line between Arasokun’s activities and the 2016 attacks on its e-filing system, but the dates are parallel.
In February of 2016, the IRS reported illegal attempts to access its systems. According to the IRS website, the federal agency was able to stop an attack on its e-filing PIN application. The attacks were initiated using out-of-wallet information from a third party tied to stolen SSNs.
According to the IRS, there were unauthorized attempts made involving approximately 464,000 unique SSNs. More than 100,000 of those were used to successfully access an e-filing PIN. The IRS will be notifying those affected taxpayers and will mark those accounts to protect against potential tax-related identity theft.
At the time, the IRS said no personal taxpayer data was compromised or disclosed.
However, the attacks continued. In June of 2016, the announced that the e-filing PIN tool was no longer available on IRS.gov or phone. The reason for the change in policy? “Additional questionable activity.”