Santa Barbara Tax Products Group (sbtpg) is kicking off the 9th annual National Tax Security Awareness week with other Security Summit members. The Security Summit is a joint effort between the IRS, states, the tax industry and tax professionals that works to protect taxpayers and the tax system against identity theft.
“People need to be extra careful during the holidays and during tax season,” said IRS Commissioner Danny Werfel. “Taxpayers should use extra caution this holiday season to protect their valuable personal and financial information, whether shopping online or clicking on links in email and other messages. A little extra caution can protect taxpayers’ confidential information and reduce the risk of identity theft in the upcoming filing season.”
Safety tips to remember during the holidays and throughout the year
During the busiest time of the year for online shopping, the Security Summit reminds taxpayers of some important steps to protect themselves and their information from data thieves:
- Only shop online with secure websites with URLs that begin with “https:” and look for a padlock icon in the browser window
- Don't shop on unsecured public Wi-Fi in places like a mall or restaurant
- Ensure security software is updated on computers and mobile devices
- Watch and help protect the devices of family members who may not be technologically savvy, including young children and seniors
- Make sure anti-virus software for computers has a feature to stop malware, and that there is a firewall enabled to prevent intrusions
- Use strong, unique passwords for online accounts
- Use multi-factor authentication whenever possible
Simple steps can protect taxpayers
In addition to those protective steps, taxpayers should be wary of a variety of email scams. Throughout the year, taxpayers should be aware of different types of email phishing scams that identity thieves and scam artists commonly use.
- Phishing/Smishing – Phishing emails or SMS/texts (known as “smishing”) attempt to trick a recipient into clicking a suspicious link, filling out information or downloading a malware file. Often phishing attempts are sent to multiple email addresses at a business or agency, increasing odds that someone will fall for the trick.
- Spear phishing – This is a specific type of phishing scam that bypasses emailing large groups at an organization, instead identifying potential victims and delivering a more realistic email known as a “lure.” These types of scams can be trickier to identify since they don't occur in large numbers. They single out individuals, can be specialized and make the email seem more legitimate. Scammers can pose as a potential client for a tax professional, luring the practitioner into sharing sensitive information.
- Clone phishing – This is a newer type of phishing scam that clones a real email message and resends it to the original recipient pretending to be the original sender. The new message will have either an attachment that contains malware or link that tries to steal information from a recipient.
- Whaling – Whaling attacks are very similar to spear phishing, except these attacks are generally targeted to leaders or other executives with access to large amounts of information at an organization or business. Whaling attacks can target people in payroll offices, human resource personnel and financial offices as well as leadership.
Three reminders to remain vigilant against fraud and identity theft
- The IRS will never email, text or call to request an IP PIN
- Taxpayers should keep their IP PIN safe and should not reveal their IP PIN to anyone but their trusted tax professional or tax software provider. They should only request an IP PIN to complete a tax return.
- To avoid processing delays, taxpayers should enter their IP PIN on any return, whether filed electronically or by paper, including amended returns and returns for prior years
Taxpayers, businesses can protect themselves with extra security
With identity thieves looking for better sources of data to try filing false tax returns, business and taxpayer security is even more important. We encourage taxpayers, businesses and tax professionals to remember to take some simple steps to protect important financial and tax information.
- Set security software to update automatically
- Back up important files
- Require strong passwords and pair them with multi-factor authentication
- Encrypt all devices
Visit the National Tax Security Awareness Week 2024 for additional information.