WASHINGTON – The Internal Revenue Service urged people to continue practicing proper cybersecurity habits by securing computers, phones and other devices. Scams and schemes using the IRS as a lure can take on many variations, so practicing personal information security is vital.
This news release is part of a series called the Tax Time Guide, a resource to help taxpayers file an accurate tax return. Additional help is available in Publication 17, Your Federal Income Tax.
The IRS works with the Security Summit, a partnership with state tax agencies and the private-sector tax industry, to help protect taxpayer information and defend against identity theft. Taxpayers and tax professionals can take steps to help in this effort by doing things like minimizing cybersecurity footprints, staying vigilant in protecting personal tax and financial information and being aware of common scams and schemes.
As a reminder, the IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. Generally, the IRS first mails a paper bill to a person who owes taxes. In some special situations, the IRS will call or come to a home or business.
People should be alert to scammers posing as the IRS to steal personal information. There are ways to know if it’s really the IRS calling or knocking on someone’s door.
Below are a few tips to help minimize exposure to fraud and identity theft:
– Protect personal information. Treat personal information like cash – don’t hand it out to just anyone. Social Security numbers, credit card numbers, bank and even utility account numbers can be used to help steal a person’s money or open new accounts.
– Safeguard personal data. Provide a Social Security number, for example, only when necessary. Only offer personal information or conduct financial transactions on sites that have been verified as reputable, encrypted websites.
– Use strong passwords. Use a password phrase or series of words that will be easy for you to remember. Use at least 10 characters; 12 is ideal for most home users. Mix letters, numbers and special characters. Try to be unpredictable – don’t use names, birthdates or common words. Don’t use the same password for many accounts and avoid sharing them. Keep passwords in a secure place or use password management tools.
Set password and encryption protections for wireless networks. If a home or business Wi-Fi is unsecured, it allows any computer within range to access the wireless network and potentially steal information from connected devices. Whenever it is an option for a password-protected account, users should also opt for a multi-factor authentication process. Multi-factor authentication is critical to protecting your password.
– Avoid phishing scams. The easiest way for criminals to steal sensitive data is simply to ask for it. IRS urges people to learn to recognize phishing emails, calls or texts that pose as familiar organizations such as banks, credit card companies or even the IRS. Keep sensitive data safe and:
- Be aware that an unsolicited email with a request to download an attachment or click on a URL could appear to come from someone that you know like a friend, work colleague or tax professional if their email has been spoofed or compromised.
- Don’t assume internet advertisements, pop-up ads or emails are from reputable companies. If an ad or offer looks too good to be true, take a moment to check out the company behind it.
- Never download “security” software from a pop-up ad. A pervasive ploy is a pop-up ad that indicates it has detected a virus on the computer. The download most likely will install some type of malware. Reputable security software companies do not advertise in this manner.
– Use security software. An anti-virus program should provide protection from viruses, Trojans, spyware and adware. The IRS urges people, especially tax professionals, to use an anti-virus program and always keep it up to date.
Set security software to update automatically so it can be updated as threats emerge. Educate children and those with less online experience about the threats of opening suspicious web pages, emails or documents.
– Back up files. No system is completely secure. Copy important files, including federal and state tax returns, onto removable discs or back-up drives and cloud storage. Store discs, drives and any paper copies in secure, locked locations.
– ID Theft Central. Designed to improve online access to information on identity theft, it serves taxpayers, tax professionals and businesses.
Taxpayers can find answers to questions, forms and instructions and easy-to-use tools online at IRS.gov. They can use these resources to get help when it’s needed at home, at work or on the go.