Tax Security Tips

It’s that most wonderful time of the year when we cheerfully pay Uncle Sam what we owe. Unfortunately, not only do we have to deal with the stress of filing taxes, we have to watch for ways cyber criminals can take advantage of us. Here are tax security tips:

Phishing in HR and Accounting

Throughout the year, but especially at tax time, be aware that criminals use fraudulent emails to try to trick people into giving up sensitive, identifying information. 

If you work in HR or accounting, be suspicious of any requests for employees’ information. If you get an email asking for W2 information that looks like it’s from the IRS or from an employee in your company, don’t immediately reply. For tax security, always follow up this kind of request with a phone call directly to the sender. You might also have a policy in place about where W2 information can and can’t be sent. 

Keep in mind that the IRS typically does not email requests for information. In fact, the IRS offers help in identifying and reporting phishing scams on this page of its website.

Tax Security for Employees

If your employer or any department of your company requests identifying information, follow up with a phone call or a face-to-face conversation with the supposed requester. Just think: Leaving your desk to head over to accounting could help you get your steps in for the day and you might even pass that candy jar that’s always stocked with m&m’s. Score! 

Also be extra vigilant about emails that claim to come from the IRS or services like Turbo Tax. Never click on unexpected links in an email. Go to the organization’s official website and look for a way to contact them directly.   

If you do use online sites like Turbo Tax, be sure to follow best practices for passwords:

• Create a strong password that is at least eight characters and a mix of capital and lowercase letters, numbers and symbols.
• Use a password vault (we like 1Password) to generate and store passwords.
• Choose a unique password that you’re not using on other sites.
• Change your password at the start of the tax season each year.
• Turn on multi-factor (or two-factor) authentication whenever the option is available.

Facebook scams can pop up around tax time, too. Watch for any links that might be shared for services like Turbo Tax or the IRS. These links could take you to a site that looks like the real thing, but is a sham site created to collect identifying information from unsuspecting users. 

If You’ve Been Breached, Beware

If your personally identifiable information (PII) has been stolen in the past, be extra wary when filing taxes. Once your Social Security number or birth date has been exposed, it’s best to file your taxes early every year and monitor your credit. You should also use an identity shield tool like ID Shield. 

Many employers offer identity shield subscriptions as a benefit. For the sake of tax security, be sure to ask your HR department, and if it’s offered, use it. Happy tax day!