Tax season can be a heyday for identity thieves and cybercriminals. The IRS, working hand-in-hand with state revenue officials, tax preparers and software manufacturers, has created an awareness campaign called ‘Taxes. Security. Together.’ Here are some highlights:
Use security software and make sure it updates automatically; essential tools include:
Check out companies via, at minimum, a quick Google search to find out who you’re really dealing with, and don’t give out personal information online unless the site is encrypted – look for “https” addresses.
If you’re unsure what’s meant by ‘phishing,’ cybersecurity firm Webroot has a great definition:
“The term ‘phishing‘ is a spin on the word fishing, because criminals are dangling a fake ‘lure’ (the email that looks legitimate, as well as the website that looks legitimate) hoping users will ‘bite’ by providing the information the criminals have requested – such as credit card numbers, account numbers, passwords, usernames, and more.”
Avoid such emails/texts/calls that appear to be from the IRS and companies you know and trust; go directly to their websites instead. Never open an email attachment unless you know who sent it and what it is.
Don’t overshare personal info on social media – information about past addresses, a new car, a new home and your children help identity thieves pose as you. Keep old tax returns and tax records under lock and key, or encrypted if electronic, and shred tax documents before trashing.
Above all, remember that the IRS will NOT:
These are all scams, and they are persistent. Don’t fall for them. Forward IRS-related scam emails to email@example.com, and report IRS-impersonation telephone calls at www.tigta.gov.
You can find the IRS’ full one-page brief here.