What Cybercriminals Don’t Want You to Know
Thieves are working extra hard this tax season to steal your information and gain access to your money. These cybercriminals use email and phone scams to trick taxpayers into revealing valuable information.
In a tax tip article, “Don’t take the bait”, the Internal Revenue Service (IRS) says, “The most common way for cybercriminals to steal money, bank account information, passwords, credit cards and Social Security numbers is to simply ask for them.”
The scams seek to fool people into sharing sensitive information under the guise of being a legitimate company, such as a bank, tax service or even the IRS. They often involve counterfeit email addresses and phone numbers, copycat webpages or corrupt hyperlinks that contain viruses.
Protect yourself by reading emails carefully:
Do not open attachments or click on links unless you are able to verify the sender.
Check email addresses for spelling and accuracy. If possible, use a reliable search engine and go to the source’s main web page to verify contact information.
Use security software. Some anti-virus software can detect suspicious websites, malware and viruses found in phishing emails.
Take your time and don’t let aggressive or urgent-sounding emails rattle you. Cybercriminals may use threatening language or pressing deadlines to make their messages seem more authentic. This is just a tactic to push you into making a careless mistake.
The IRS does not contact taxpayers with aggressive threats of lawsuits or arrest. Their tax tip article also says, “Remember that no legitimate business or organization will ask for sensitive financial information by email.”
Keep your personal information safe:
Never give out personal information unless you are sure about who you are talking to. If you are unsure, investigate further by contacting the IRS.
Use strong passwords or passphrases for email and sites containing your personal information.
Give personal information over encrypted websites only, and only if required.
Look for sites that have “https” at the beginning of the URL and a lock symbol that you can click on to get more information.
Use multi-factor authentication if it is available. Typically, this requires your name, password and a separate security code that is sent to your mobile phone to log in.
You already protect things like your family, home, car and pets. Maybe you even own a business and have cyber insurance coverage, because you know about the many risks posed by cybercriminals.
Now is the time to protect your data, so you don’t become the next victim of phishing or identity theft. Stay aware of how you share your information, especially while filing your taxes, and don’t be afraid to investigate who you are dealing with.
Protect your tax information like you would your money:
Keep tax returns locked in a safe place, or encrypted if they are electronically stored.
Shred tax documents before throwing them away.
Report phishing scams to the IRS by forwarding suspicious emails to firstname.lastname@example.org.
Cybercriminals are good at gaining trust and don’t want you to protect your data. But with a few simple precautions you can safeguard your personal information and your money. For more information about phishing attacks and how to stay safe, visit https://www.irs.gov/newsroom/dont-take-the-bait-heres-how-taxpayers-can-avoid-getting-caught-by-a-phishing-scam.