The U.S. Internal Revenue Service and its Security Summit partners are stressing that taxpayers must continue to be wary of online threats like identity theft and fraud.
Keep Your Guard Up
In an October 28 release noting that National CyberSecurity Awareness Month is coming to an end, IRS said, “Lax online behavior can open the door to swindlers eager to swipe people’s personal information and leave themselves vulnerable to tax-related identity theft.”
The release said IRS does not send unsolicited emails to taxpayers and does not use social media to discuss personal and private tax matters, or any payments or tax bills. “Don’t reply, open any attachments, or click on any links” related to these spoofing efforts.
Instead, report a phishing email to the IRS. Do not send screenshots or scanned images of the emails, but forward the email “as is” to phishing@irs.gov. Those reporting also can include the full email header. Then, according to the release, “delete the email.”
The Security Summit
The agency is a member of the Security Summit – a coalition that includes tax software and financial companies, tax professionals, and state tax administrators. Total membership includes 42 state agencies and 24 industry offices, in addition to the IRS.
It was formed in 2015 primarily to protect taxpayers and the tax system against identity theft refund fraud.
This collaborative effort monitors cybersecurity issues, develops reports on activities, and offers multiple online safety recommendations to protect taxpayers from tax-related identity theft.
Recommendations and Resources
In addition to learning how to recognize and report tax-related email phishing scams, the recommendations highlighted in the IRS release include:
- Use strong passwords; consider using a password manager program to store them.
- Enable multi-factor authentication for “extra security.”
- Install a virtual private network (VPN) to use when connecting to public Wi-Fi.
- Protect information by not freely sharing addresses, birthdates, bank accounts and Social Security numbers, among other types of personal identifying data.
- Encrypt tax and other records stored on computers.
- Always update computer and mobile phone software because these include anti-virus and firewall protections to keep those unauthorized to access it out of the system.
The U.S. CyberSecurity and Infrastructure Security Agency (CISO) commemorated the month by providing a webpage that contains numerous tips and resources for protecting personal data online. The material extends from the very basics about passwords to use of artificial intelligence.
Payroll professionals also have a toolkit designed to meet their particular challenges when responding to cyber threats. The Global Payroll Association released Cyber Response: A Toolkit for Payroll Professionals earlier this year (part of its free White Papers collection) that includes checklists for reviewing how “hardened” operations need to be and what to expect in the event of a data compromise.
Author: Michael Baer
Michael Baer is president of Baer Unlimited, an independent research, analysis, and communications provider that helps Payroll modernize operations, stay compliant, and improve the use and security of their data. For more on these issues discussed above, contact him directly at mike.baer@baerunlimited.com, or book Michael as a mentor through the GPA Mentor page.
The U.S. Internal Revenue Service and its Security Summit partners are stressing that taxpayers must continue to be wary of online threats like identity theft and fraud.
Keep Your Guard Up
In an October 28 release noting that National CyberSecurity Awareness Month is coming to an end, IRS said, “Lax online behavior can open the door to swindlers eager to swipe people’s personal information and leave themselves vulnerable to tax-related identity theft.”
The release said IRS does not send unsolicited emails to taxpayers and does not use social media to discuss personal and private tax matters, or any payments or tax bills. “Don’t reply, open any attachments, or click on any links” related to these spoofing efforts.
Instead, report a phishing email to the IRS. Do not send screenshots or scanned images of the emails, but forward the email “as is” to phishing@irs.gov. Those reporting also can include the full email header. Then, according to the release, “delete the email.”
The Security Summit
The agency is a member of the Security Summit – a coalition that includes tax software and financial companies, tax professionals, and state tax administrators. Total membership includes 42 state agencies and 24 industry offices, in addition to the IRS.
It was formed in 2015 primarily to protect taxpayers and the tax system against identity theft refund fraud.
This collaborative effort monitors cybersecurity issues, develops reports on activities, and offers multiple online safety recommendations to protect taxpayers from tax-related identity theft.
Recommendations and Resources
In addition to learning how to recognize and report tax-related email phishing scams, the recommendations highlighted in the IRS release include:
- Use strong passwords; consider using a password manager program to store them.
- Enable multi-factor authentication for “extra security.”
- Install a virtual private network (VPN) to use when connecting to public Wi-Fi.
- Protect information by not freely sharing addresses, birthdates, bank accounts and Social Security numbers, among other types of personal identifying data.
- Encrypt tax and other records stored on computers.
- Always update computer and mobile phone software because these include anti-virus and firewall protections to keep those unauthorized to access it out of the system.
The U.S. CyberSecurity and Infrastructure Security Agency (CISO) commemorated the month by providing a webpage that contains numerous tips and resources for protecting personal data online. The material extends from the very basics about passwords to use of artificial intelligence.
Payroll professionals also have a toolkit designed to meet their particular challenges when responding to cyber threats. The Global Payroll Association released Cyber Response: A Toolkit for Payroll Professionals earlier this year (part of its free White Papers collection) that includes checklists for reviewing how “hardened” operations need to be and what to expect in the event of a data compromise.
Author: Michael Baer
Michael Baer is president of Baer Unlimited, an independent research, analysis, and communications provider that helps Payroll modernize operations, stay compliant, and improve the use and security of their data. For more on these issues discussed above, contact him directly at mike.baer@baerunlimited.com, or book Michael as a mentor through the GPA Mentor page.