‘Tis the season to think about how you can give to family, friends, and charities, but you also have to think about how to safeguard your financial information from those who may not be as charitable. Taxpayers and tax professionals face a heightened risk in coming months as fraudsters continue to use the pandemic to trick people into sharing sensitive personal information by email, text message, and online. Identity thieves can use that information to try filing tax returns and stealing refunds.
In order to remind people about important steps they can take to protect themselves and their tax information, The Internal Revenue Service (IRS), TurboTax, state tax agencies, and other tax industry partners have announced the launch of this year’s National Tax Security Awareness Week.
The week, which takes place from November 29 –December 3, will feature a series of educational materials to help protect individuals, businesses, and tax pros from identity theft.
National Tax Security Awareness Week features basic security guidance for those most at-risk: individual taxpayers, business taxpayers, and tax professionals. A special emphasis for this year will be focusing tax security awareness on younger and older Americans. Even if someone doesn’t file a tax return, their online interactions can lead to scam artists obtaining sensitive information and using it to try obtaining a refund.
Here are highlights of National Tax Security Week and the security measures to keep in mind as the holiday and tax season approaches:
Day 1 – Cyber Monday: Protect personal and financial information online
The IRS and the Security Summit partners remind people to take these basic steps:
- Use security software for computers and mobile phones – and keep it updated.
- Avoid phishing scams, especially related to tax refunds and COVID-19, Economic Impact Payments and other tax law changes.
- Use strong and unique passwords for all accounts.
- Use multi-factor authentication whenever possible.
- Shop only secure websites; look for the “https” in web addresses and the padlock icon; avoid shopping on unsecured and public Wi-Fi in places like coffee shops, malls or restaurants.
Day 2 – Giving Tuesday: Beware of scammers using fake charities
The IRS and the Security Summit partners warn people to avoid getting scammed when donating to charities. The agency provides the following tips:
- Individuals should never let any caller pressure them into giving a donation without allowing time for them to do some research.
- Confirm the charity is real by asking for its exact name, website and mailing address and confirming it later.
- Be careful about how a donation is made. After researching the charity, pay by credit card or check and not by gift card or wiring money.
Day 3 – Get an Identity Protection PIN
Taxpayers who can verify their identities online may opt into the IRS IP PIN program – a major expansion of the program from previous years. This is another tool taxpayers can use to protect themselves – and their tax refund. Here’s what taxpayers need to know:
- The Identity Protection PIN or IP PIN is a six-digit code known only to the individual and the IRS. It provides another layer of protection for taxpayers’ Social Security numbers on tax returns.
- Use the Get an Identity Protection PIN (IP PIN) tool at IRS.gov/ippin to get an IP PIN.
- Never share the IP PIN with anyone but a trusted tax provider.
Day 4 – Tax professionals should review their security protocols
As identity thieves continue targeting tax professionals, the IRS and the Summit partners urge practitioners to review the “Taxes-Security-Together” Checklist, including:
- Deploy basic security measures.
- Use multi-factor authentication to protect tax software accounts.
- Create a Virtual Private Network if working remotely.
- Create a written data security plan as required by federal law.
- Know about phishing and phone scams, especially related to Electronic Filing Identification Numbers (EFINs), COVID-19 related tax-law changes including Economic Impact Payments.
- Create data security and data theft recovery plans.
Use digital signatures to submit IRS forms and check account details on secure portal
The IRS began accepting digital signatures on a variety of forms this past year. Additionally, the agency made improvements to its online accounts platform to help both tax pros and individuals.
- Tax pros may go to the new Tax Pro Account on IRS.gov to digitally initiate Power of Attorney and Tax Information Authorization requests.
- Taxpayers have digital control over who can represent them or see their account information on the Online Account portal.
- The IRS now accepts a wide array of digital signatures on a number of forms that cannot be electronically filed.
Day 5 – Businesses should implement safeguards; watch out for tax-related scams
Most cyberattacks are aimed at small businesses with fewer than 100 employees. Here are some details from this segment:
- Learn about best security practices for small businesses.
- IRS continues protective masking of sensitive information on business transcripts.
- A Business Identity Theft Affidavit – Form 14039-B – is available for all businesses to report theft to the IRS.
- Beware of various scams, especially the W-2 scam that attempts to steal employee income information.
- Check out the “Business” section on IRS’s Identity Theft Central at IRS.gov/identitytheft.
We’ve Got You Covered
See more tips throughout National Tax Security Awareness Week on how to secure your important information and learn more about how TurboTax works hard to safeguard your information on our TurboTax Security page.