top of page
Search

INTU YOUR TURBO TAX

Updated: May 15

The Experience You’re Not Supposed to Notice


Filing your taxes online is suppose to be made easy, like a piece of cake. But what happens when the system designed to secure your data becomes the very tool used to expose it? On April 8, 2025, I called TurboTax support for help clearing a federal tax form and no matter how many times we tired to clear it, it kept resurfacing. Like a persistent scam-machure. That call lasted over 5 hours.

ree
ree

ree


Towards the end, nothing but a generic email and a case number — and non of my questions answered.

It became obvious this was not about taxes — about who was really on the line.

This isn’t a pattern story. This is a behavioral breach breakdownand it could happen to anyone. Kill the cookie so you can see who was truely behind it and who will try to delay and cover the tracks of what was reveled.

What Triggered the Event

I was mid-filing when I noticed I couldn’t remove a state form. TurboTax support recommended a reset and browser cookie clearance. Within moments of doing so, my account login screen returned with a new phone number and email — neither of which belonged to me.

That’s when the breach surfaced.


When I asked for confirmation on the backend, support reps insisted they couldn't see what I was seeing — and claimed they had no visibility into login data, cookie clearance effects, or account contact changes. I was passed from ID Protection to another department, and then to another, and so on.

ree

I was also asked to download Glance, a remote access software that gave the agent that help up the line the longest had full view of my entire desktop screen — not just the TurboTax site. “There’s nothing blacked out,” the rep said. This raised serious privacy concerns, especially since a prior representative had offered a more limited, secure method that did not involve full-screen visibility. The inconsistency in approach — and the deeper access granted — added another layer of concern to an already compromised situation. Once things started to click and not align and deflect and delay, I started my own record keeping. Here is how one part of our interaction started.



Throughout the 5 hr call, Each time I asked for metadata, login traces, or employee ID verification, I was met with deflection, or ambiguous policies.


Real-World Case to Consider

This isn’t just anecdotal. In March 2025, a class action lawsuit was filed against Intuit — the maker of TurboTax — for allegedly facilitating fraudulent tax filings by failing to implement basic account protection measures. The lawsuit claims:

  • Intuit allowed unauthorized parties to access accounts

  • Fraudulent tax returns were filed without user consent

  • The company delayed introducing critical security features like two-factor authentication

    (Source: ForThePeople.com – March 2025 Class Action)


This aligns exactly with my experience: an unauthorized number and email appeared after cookie clearance, and no one on the support team could explain it — or confirm what backend activity occurred. Yet held me on a 5hr "loop".


Behavioral Red Flags to Watch For

These weren’t technical glitches — they were on-cue behavioral shifts that occurred at very specific moments. Here's what I observed:

  • Inconsistent tech use — earlier reps used internal tools, while others required full Glance downloads with complete screen visibility

  • Throughout the conversations representatives refused to confirm my email — even the last three digits.

  • Identity verification only went one way — I had to confirm mine multiple times, but they refused to confirm theirs.

  • I was told repeatedly that no one could escalate my case — yet was transferred several times

  • "Bear with me" was used consistently to stall after key terms were mentioned


These are not just frustrating moments. They are intentional containment tactics meant to exhaust, confuse, and eventually dismiss a customer reporting something serious.


What I Did During the Call (and What You Can Do)

  • Recorded the session with a note-taking app (use your voice memos or Notes app) even if they say they’re recording, have your own log

  • Asked for case numbers and contact details at every step if they ask for your info, ask for theirs

  • Trust your senses — if something feels scripted or off, it probably is

  • Report it immediately — FTC, IRS, and legal documentation matter

  • Use ChatGPT or another AI assistant to help track tone shifts, call logs, and file reports quickly in real time.

  • Kept my cool and spoke clearly even when the conversation was being redirected. They will try you. Keeping your calm is Key and will only uncover their mess.


The Official Report: What They Said vs. What Happened

After the call, I received an official summary from TurboTax support. It reads:

“Today we discussed the issue of a possible breach of security due to witnessing an unfamiliar IP address after the clearance of cookies. I did transfer the customer to the ID Protect department. I was unable to follow the customer’s request to transfer to any other department concerning this issue as our resources are limited.”
ree

That’s it. No mention of the hours of transfers, the request for backend metadata, the remote access session via Glance, the unlisted contact info on the account, or the tone shifts across calls. Just an IP mention — and then a survey link.


What's at Steak

ree

I am currently awaiting a follow-up from Intuit’s Security Team after submitting a formal breach report to security@intuit.com.


Today, we shed light on how an everyday call to TurboTax became a maze of redirection, ambiguous policy, and behavioral containment — all while a potential -the-middle session breach was unfolding in real time.


If something in the tech feels off — or the human on the line doesn’t match the role they claim — trust that instinct. This isn’t just about taxes. It’s about access, redirection, and who is really in control of your data.

Hold the line — and record it.


Next: We’ll be tracking how/if TurboTax and Intuit respond to the breach report.

And for those of you wondering what to listen for… check the voice recording (listen to how they start to chock up). The real story isn’t just what they said — it’s how, when, and what they avoided.

Stay sharp. Stay sovereign.



Update 5/15/2025:

FOR THE SAFEST AND SECURE PLACE TO FILE PLEASE VISIT https://www.irs.gov/filing/irs-free-file-do-your-taxes-for-free


Side note- Never received that Turbo-Tax response even after following up.





 
 
 

Comments

bottom of page