This week (November 27 – December 1) marks the second annual National Tax Security Awareness Week, sponsored by the Internal Revenue Service and designed to encourage taxpayers to protect their identities and sensitive tax data. In addition to the IRS, state tax agencies and the broader tax industry – including Security Summit partners such as consumer, business and community groups – are participating in activities to shine a light on potential security concerns related to tax filings and identity theft.
With massive data breaches dominating news headlines in recent years, including those from the likes of Equifax, Yahoo, LinkedIn, and Anthem, it’s more critical than ever that taxpayers take steps to safeguard their information.
In order to best thwart potential cyber breaches and tax-related identity theft, taxpayers should leverage cybersecurity best practices including, but not limited to:
- Beware of Phishing. Phishing lures are clever scams used to tempt users into clicking malicious links, downloading harmful software or divulging personal and/or company information. Phishing scams most commonly use email as their primary weapon, however, voice (‘vishing’) and SMS/text (‘smishing’) attacks are also on the rise. It’s worth noting that hackers and identity thieves will utilize high-pressure scare tactics to instill fear amongst users, thereby increasing the likelihood that you’ll disclose personal information or credentials. This is precisely why IRS scams are often successful. Taxpayers should be wary of suspicious communications from senders claiming to work for the IRS as well as any communications asking for confidential or personal tax information. NOTE: The Internal Revenue Service will only ever contact you via postal mail. They will not call, text or email you.
- Protect Against Malware. Malicious software, known as malware, can corrupt files or computers with the click of a mouse, oftentimes through sophisticated phishing scams like those mentioned above. If a link or email attachment is unexpected and looks suspicious, it probably is. Taxpayers should exercise caution opening unwarranted emails and clicking on pop-ups and other potentially harmful attachments.
- Create Strong Passwords. It’s arguably the easiest way for someone to steal your information, but still, many users remain lax on password security. Wherever you have sensitive personal information stored, especially W-2s, previous tax filings, etc., ensure you utilize strong passwords and change them regularly (at least every 90 days).
- Encrypt Files. Whether you’re communicating with your accountant or uploading tax-related documents to a cloud drive on your personal computer, it’s critical that you consider the security of those files both at rest and in transit. Encrypting files while they’re stored as well as when they’re sent via email is a safe way to transmit information that could prove damaging if intercepted by hackers or identity thieves.
If you have any questions regarding how to protect your identity and tax data, please contact us.