Sophisticated data theft scams and identity fraud continue to proliferate, prompting the Internal Revenue Service (IRS) to issue a warning for practitioners to maintain vigilance. As part of their summer special awareness series, in collaboration with the Security Summit
An alliance that includes the IRS, software industry representatives, tax preparation firms, payroll and tax financial product processors, and state tax administrators—the IRS aims to combat identity theft refund fraud and protect taxpayers by sharing insights into emerging fraud and cyber schemes.
The prevalence and sophistication of scams are evident, transcending mere IRS-related tax return matters. A personal experience underscores this reality—a call purportedly from a bank’s legitimate 1800 number, with a well-informed individual on the line, informing about large-scale transactions on the account.
The caller even knew personal details like past cities of residence. Caution and awareness about phone scams proved fortunate, as the recipient wisely hung up and contacted the bank directly. It turned out that no suspicious transactions existed. These scammers now employ tactics to even spoof real customer service numbers, adding to the deception.
The IRS’s recent press release, concluding a comprehensive series, urges tax professionals to prioritize robust security measures and adopt crucial steps to safeguard themselves and their clients from identity theft. Previous sessions in the series highlighted identity theft red flags and evolving phishing scams.
Safeguarding Sensitive Taxpayer Data
However, the IRS emphasizes the importance of maintaining strong security within tax practices and taking necessary precautions while handling sensitive taxpayer information at businesses or homes. A Written Information Security Plan is highlighted as a valuable tool, offering a 28-page template that simplifies data security planning, particularly for smaller practices.
The IRS underscores several critical guidelines for tax professionals to shield taxpayer information:
- Exercise Caution with Email Attachments and Links: Scammers adeptly mimic legitimate entities, including the IRS, taxpayer clients, and businesses. Be cautious with email attachments and web links.
- Segregate Personal and Business Devices: Avoid using personal devices for business activities, including online banking, to prevent security vulnerabilities.
- Mindful Downloads: Do not download software from unknown sources. Exercise caution with freeware or shareware downloads.
- Prioritize Strong Passwords: Use strong passwords with a length of at least 14 characters. Implement multifactor authentication for enhanced security.
- Regularly Change Default Passwords: Change default passwords immediately upon setup and periodically thereafter.
- Update Passwords Frequently: Changing passwords every three months is recommended. Password management applications can be valuable for storing and organizing passwords.
In case of suspected data theft or identity fraud, prompt reporting to a local IRS Stakeholder liaison is crucial. Timely reporting allows the IRS to prevent fraudulent returns and aid tax professionals through resolution. Many states also mandate notifying the state attorney general of data breaches, highlighting the critical importance of swift action in the face of cyber threats.
Source: Wealth Management