Chris Lewis

Jan 03 2018

Beware of Tax Identity Theft


Tax Identity Theft

All taxpayers, business owners, and tax preparers should be aware of identity theft scams by people pretending to be IRS representatives through phone calls, text messages, or email communications. Tax related identity theft occurs when someone uses your Social Security Number to file a tax return claiming a fraudulent refund before you do. Here are some tips to protect you from tax related identity theft.

File sooner rather than later.
The sooner you file your taxes, the less time criminals have to steal your tax return. If you have everything you need, don’t delay in filing your taxes.

Don’t respond to emails requesting personal information.
Email is not a secure way to provide sensitive information like account numbers, passwords, social security numbers, etc. If you think the IRS or your accountant needs your personal information, call them from the number in the phone book or on their website, and not from the number provided via their email.

Download and install from websites you trust.
Be sure your security software is on and updated. Never allow browsers to remember your username and password, and when finished, be sure to log out completely to terminate your online session. If you are using a computer other than your own, clear the browser history and delete the temporary files and history after logging out of your accounts. You can double check secure websites (https) by verifying the padlock icon on the status bar to view the security ticket for the site.  In the “Issued to” popup window, the name should match the site you think you are on. If it doesn’t match up, you could be on a spoofed site; do not submit a username, password, or any other information.

Use strong passwords.
Use a password that has a combination of letters, numbers, and special characters that would be difficult to guess. Passphrases (which are a series of words that create a phrase) of characters and special characters provide additional security when creating passwords. Remember to change your password frequently (at least every 90 days) and never share your password with anyone. You should never store your password on your computer, but if you need to write it down, store it in a secure and private place.

Monitor your accounts and check your credit report.
Online banking or a mobile app makes it easy to monitor your accounts for suspicious transactions. Additionally, you can monitor your credit report by visiting AnnualCreditReport.com. In accordance with the Fair and Accurate Credit Transactions Act (FACT Act), you are allowed one free credit report per year. Take advantage of these services!

Organizations must be mindful of tax identity theft too.
In the past, there have been reports of companies and organizations being tricked into sending wage data on employees and then making fraudulent wire transfers. This is happening to school districts, non-profits, restaurants, retail businesses, etc. Emails are sent to employees attempting to get batches of W-2 forms, annual wage and salary reports required to file tax returns. If successful, they ask for a wire transfer in which the company loses confidential employee information and money in wires. To learn more about this scam, visit this article on bankinfosecurity.com.

Remember, the IRS will never:

  • Demand immediate payment without first having mailed the taxpayer an explanation of additional tax due.
  • Demand the taxpayer pays taxes without giving them opportunity to question or appeal the amount said to be owed.
  • Require a specific payment method to be used to pay tax owed.
  • Ask for credit or debit card numbers.
  • Threaten to bring in local police or other law enforcement groups to have the taxpayer arrested for not paying.

For more information or questions about tax identity theft, visit the Internal Revenue Service (IRS) Security Awareness for Taxpayers file, or the Federal Trade Commission (FTC) Tax-Related Identity Theft website.

Chris Lewis

About Chris Lewis

Chris Lewis is an Information Security Officer at Hills Bank. He joined Hills Bank in 2013 and has over 10 years banking experience. He specializes in Cybersecurity, Fraud & Identify Theft Prevention, and mobile device security. Chris can be reached at Chris_Lewis@hillsbank.com.


This entry was posted in News and Events and tagged , , , , . Bookmark the permalink.