A warning has been issued to all taxpayers and tax professionals alike: Beware of scams and identity theft schemes by criminals taking advantage of the holiday shopping period, the approaching tax season and the coronavirus pandemic.
The warning comes from the Internal Revenue Service and its Security Summit partners as the IRS, state tax agencies and the income tax industry kick off National Tax Security Awareness Week at the traditional start of the holiday shopping season.
Holiday shopping, combined with the upcoming tax season and an increased trend toward working remotely, makes increased online security an absolute necessity.
"This is generally the hunting season for online thieves, but this year there's a dangerous combination of factors at play that should make people more alert," said IRS Commissioner Chuck Rettig. "The combination of online holiday shopping, the approaching filing season and more of us are working remotely puts people more at risk. People can help avoid becoming victims of scams or identity thefts, by taking a few simple steps to help protect sensitive tax and financial information."
The Security Summit—which teams up the IRS, state tax agencies and members of the nation’s tax industry at large—marks the start of this, the fifth National Tax Security Awareness Week, with some basic tips on safeguards everyone should take.
Here are a few basic steps—for everyone:
- Don't forget to use security software for computers and mobile phones –- and keep it updated.
- Make sure purchased anti-virus software has a feature to stop malware, and there is a firewall that can prevent intrusions.
- Phishing scams—like imposter emails, calls and texts—are the leading way thieves steal personal data. Don't open links or attachments on suspicious emails. This year, fraud scams related to COVID-19 and the Economic Impact Payment are common.
- Use strong and unique passwords for online accounts. Use a phrase or series of words that can be easily remembered or use a password manager.
- Use multi-factor authentication whenever possible. Many email providers and social media sites offer this feature. It helps prevents thieves from easily hacking accounts.
- Shop at sites where the web address begins with "https"—the "s" is for secure communications over the computer network. Also, look for the "padlock" icon in the browser window.
- Don't shop on unsecured public Wi-Fi in places like a mall. Remember, thieves can eavesdrop.
- At home, secure home Wi-Fi with a password. With more homes connected to the web, secured systems become more important, from wireless printers, wireless door locks to wireless thermometers. These can be access points for identity thieves.
- Back up files on computers and mobile phones. A cloud service or an external hard drive can be used to copy information from computers or phones—providing an important place to recover financial or tax data.
- Working from home? Consider creating a virtual private network (VPN) to securely connect to your workplace.
Don’t overlook your phone.
The Security Summit partners also note that these precautions don’t just cover office computers—they apply to smartphones as well. Keep in mind that thieves have become much more adept at compromising cellphones. Phone users are also more prone to open a scam email from their phone than from their computer.
Taxpayers can check out security recommendations for their specific mobile phone by reviewing the Federal Communications Commission's Smartphone Security Checker. Since phones are used for shopping and even for doing taxes, remember to make sure phones and tablets are just as secure as computers.
The truth shall keep you safe.
Some basic facts can keep you out of trouble when it comes to cybercriminals. The IRS will not call, text or email about your Economic Impact Payment or your tax refund. Nor will the IRS call with threats of jail or lawsuits over unpaid taxes. Those are scams.
The Federal Bureau of Investigation has already issued warnings about fraud and scams related to the pandemic. It specifically warned of COVID-19 schemes related to taxes, anti-body testing, healthcare fraud, cryptocurrency fraud and others.
COVID-related fraud complaints can be filed at the National Center for Disaster Fraud.
The Federal Trade Commission also has issued alerts about fraudulent emails claiming to be from the Centers for Disease Control or the World Health Organization. Keep atop the latest scam information and report COVID-related scams at www.ftc.gov/coronavirus.
This is the first in a week-long series of reminders to raise awareness about identity theft. Check out IRS.gov/SecuritySummit for more details.