National Tax Security Awareness Week is Here!

National Tax Security Awareness Week is upon us, and this year the Security Summit released eight online safety tips to combat tax-related identity theft and help protect your data.

The timing of this annual event shouldn’t surprise anyone. There’s a substantial amount of online shopping between Black Friday and Cyber Monday, so you can bank on cybercriminals trying to get their hands on financial information.

With the looming specter of identity thieves preying on holiday shoppers, here's the Security Summit's list of ways you can protect yourself while online.

Phishing Emails

Phishing emails aren’t new to the tax industry—no doubt you will receive several alerts throughout tax season warning of the latest scam email making the rounds. That being said, it’s imperative that everyone learn to recognize the various phishing tactics employed by identity thieves.

Unfamiliar Websites

Just because your search results turned up an unfamiliar website offering a 70-inch, 4K smart TV for $500 doesn’t mean the deal, or the website, is legit. Your best bet is to stick to online retailers you recognize and make sure they’re using an https site, but that designation isn’t foolproof. As the IRS notes, “even bad actors may obtain a security certificate.”

Public Wi-Fi Hotspots

Cybercriminals have made spoofing legitimate Wi-Fi hotspots common practice. If you haven’t already, make sure your smartphone or laptop isn’t set to automatically join Wi-Fi networks and avoid unprotected, public Wi-Fi. Identity thieves use fake hotspots to steal your information.

Security Software

Antivirus, anti-malware, anti-spyware, and other security software remain an integral part of data security strategies. While “install antivirus software” might seem like outdated advice, these programs are absolutely necessary. Just like the security features provided by your operating system, security software must be updated to adequately protect your data. The IRS recommends making sure whatever program you’re using is set to automatically update.

Passwords

It should go without saying that neither “password” nor “123456” qualify as a strong password. Whether you’re using a passphrase or a 10-character password containing a mixture of numbers and special characters, make sure your password meets recommended security standards. Also, be sure to use a different password for each of your online accounts—if you’re worried about confusing or forgetting passwords, you can download a password manager.

Multi-Factor Authentication

Multi-factor authentication is a security practice that requires users present more than one type of information to confirm their identity. One of the most common examples asks for both a password and a PIN, the latter is usually texted to a predetermined phone number. Recent smartphone releases have started including biometrics, fingerprints or face recognition, in their security toolkit.

Account Alerts

Similar to some types of multi-factor authentication, account alerts will send an email or text message to you when there is activity on your account. Many organizations provide a variety of security options and settings that can be activated in your account profile.

Encryption

Encrypted data can only be accessed by users who provide the correct key. It’s a good idea to make sure that sensitive information—like private taxpayer information, for example—is encrypted or transmitted via a secure portal.

What’s Next?

The IRS will release an in-depth look at each of these issues throughout the week, and the first of which will cover phishing emails.