Tax Professionals May Be the Next Ground Zero in Cybersecurity Battle
America’s income tax professionals are being enlisted into a growing force of industry partners who are focused like never before on protecting their financial information – and that of their customers.
This year saw a new round of tactics from cyber-criminals that signaled a sea change in the computer security field within the income tax industry. No longer content to target just taxpayers, identity thieves and fraudsters are now advancing against tax preparers. Recent tactics show just how sophisticated they can get.
It started with the same kind of phishing emails that once were sent just to taxpayers, claiming to be from the IRS. Hackers then broke into the IRS’ own computer system, sending shockwaves through the industry. Recently, intruders have been able to take remote control of some tax preparers’ computers in order to file fraudulent tax returns.
That’s why Drake is standing with its tax industry partners, state tax agencies and the Internal Revenue Service to launch an awareness campaign aimed at the tax preparers who could find themselves in the front lines. It’s called, “Protect Your Clients; Protect Yourself.”
Know the Enemy
Identity thieves are a formidable foe. Data breaches are increasing, both in numbers and in their scope. Once in a computer system, thieves often use stolen identity information to file fraudulent tax returns.
As a tax preparer, you play a critical role in protecting taxpayer data as well as your own. Recent successes by hackers and cyber-crooks show that computer security has to be an over-reaching philosophy to successfully protect you and your data. While most tax pros have software with security protections, on its own, it may not be enough.
As part of National Tax Security Awareness Week, the Internal Revenue Service has shared some basic security steps we all can take to increase the safety of our data:
- Secure Data. Make sure that taxpayer data, including data left on hardware and media, is never left unsecured; use security software on all digital devices.
- Shred Documents and Destroy Media. Securely dispose of taxpayer information.
- Use Strong Passwords. Require strong passwords (numbers, symbols, upper and lowercase) on all computers, tax software programs and Wi-Fi.
- Change Passwords. Require periodic password changes every 60 – 90 days.
- Safely Store Data. Store taxpayer data in secure systems and encrypt information when transmitting across networks.
- Encrypt Email. Encrypt e-mail that contains taxpayer data.
And it’s not just about hardware and software. Learn to recognize phishing attempts that masquerades as a message from tax software providers or the IRS. Many of these try to get you to click on a link or download attachments; instead, they could steal your usernames and passwords stored on your computer – or install secret software that tracks your keystrokes.
To stay up to speed with the latest alerts, register for e-News for Tax Professionals from the IRS. You can also check out Fact Sheet 2016-23 for additional tips.