Beginning on Cyber Monday, the Internal Revenue Service (IRS) and Summit Partners, which includes TurboTax, state tax agencies, and other tax industry partners, kicked off the 8th National Tax Security Awareness week from November 27 through December 1 with information for taxpayers and tax professionals on how to avoid scams and protect sensitive information as the holiday season is in full swing.
The focus of National Tax Security Awareness Week this year will be on identity theft to protect taxpayers and tax professionals as the holiday and tax season approaches. With the holidays and tax season approaching, the summit partners warn taxpayers and tax professionals to take extra steps to protect financial and tax information as fraudsters take advantage of the holiday season to trick people into sharing sensitive information by email, text, and online. Identity thieves may use that information to try and file tax returns and steal refunds.
Formed in 2015, the Security Summit partnership between the IRS, state tax administrators and the tax software and tax professional community have worked together to improve defenses and protect people from tax-related identity theft. As part of that effort, the Summit partners worked to raise taxpayer and tax professional awareness about security issues – not only protecting people from the risk of identity theft but helping protect the nation’s tax system from refund-related fraud.
Here are some of the security measures recommended as we head into the holiday and tax season:
Stay Safe While Shopping
With the holiday shopping season underway and tax season fast approaching, the Security Summit partners are alerting taxpayers to take extra steps to protect their financial and tax information during this critical period.
Below are some tips to stay safe while shopping:
- Shop at sites where the web address begins with “https” – the “s” is for secure communications and look for the “padlock” icon in the browser window.
- Don’t shop on unsecured public Wi-Fi in places like a mall or restaurant.
- Keep security software for computers, tablets and mobile phones updated.
- Protect the devices of family members, including young children, older adults as well as less technologically savvy users.
- Make sure anti-virus software for computers has a feature to stop malware, and that there is a firewall enabled that can prevent intrusions.
- Use strong and unique passwords for online accounts.
- Use multi-factor authentication whenever possible. It helps prevent thieves from easily hacking accounts.
The IRS also reminds people about advice from the Federal Trade Commission to never buy anything from online sellers that accept payment only by gift cards, money transfers through companies like Western Union or MoneyGram or cryptocurrency. Payments you make that way are nearly impossible to trace and reverse. Scammers often tell people to use those payment methods so they can get money quickly.
Do Not Give Information Requested Through IRS-Themed Texting Scams
- The IRS warns taxpayers of a recent increase in IRS-themed texting scams aimed at stealing personal and financial information.
- The IRS identified and reported thousands of fraudulent domains tied to multiple MMS/SMS/text scams (known as smishing) targeting taxpayers.
- Be aware the IRS also commonly receives reports of emails urging people to “Claim your tax refund online,” and text messages that something was wrong with the person’s tax return. Taxpayers should be wary and remember, don’t click on links from questionable sources.
- Smishing campaigns target mobile phone users, and the scam messages often look like they’re coming from the IRS, offering lures like fake COVID relief, tax credits or help setting up an IRS online account. Recipients of these IRS-related scams can report them to phishing@irs.gov.
Additional information and highlights of National Tax Security Week include:
Tax professionals should review their security protocols
As identity thieves continue targeting tax professionals, the IRS and the Summit partners urge practitioners to review the “Taxes-Security-Together” Checklist, including:
- Deploy basic security measures.
- Use multi-factor authentication to protect tax software accounts.
- Create a Virtual Private Network if working remotely.
- Create a written data security plan as required by federal law.
- Know about phishing and phone scams.
- Create data security and data theft recovery plans.
Get an Identity Protection PIN
Taxpayers who can verify their identities online may opt into the IRS IP PIN program – a tool taxpayers can use to protect themselves – and their tax refund. Here’s what taxpayers need to know:
- The Identity Protection PIN or IP PIN is a six-digit code known only to the individual and the IRS. It provides another layer of protection for taxpayers’ Social Security numbers on tax returns.
- Use the Get an Identity Protection PIN (IP PIN) tool at IRS.gov/ippin to immediately get an IP PIN.
- Never share the IP PIN with anyone but a trusted tax provider.
Businesses should watch out for tax-related scams and implement safeguards
Most cyberattacks are aimed at small businesses with fewer than 100 employees. Some details from this segment include:
- Learn about best security practices for small businesses.
- IRS continues protective masking of sensitive information on business transcripts.
- A Business Identity Theft Affidavit, Form 14039-B, is available for businesses to report theft to the IRS.
- Beware of various scams, especially the W-2 scam that attempts to steal employee income information.
- Check out the “Business” section on IRS’s Identity Theft Central.
We’ve Got You Covered
See more tips throughout National Tax Security Awareness Week on how to secure your important information and learn more about how TurboTax works hard to safeguard your information on our TurboTax Security page.