Online Security Guidelines for Preventing Digital Identity Theft by the Internal Revenue Service
In an effort to safeguard taxpayers from identity theft and financial fraud, the Internal Revenue Service (IRS) has issued a series of recommendations as part of the Security Summit initiative. These measures, designed to enhance protection against tax refund fraud and identity theft, combine technology-based safeguards with vigilance and prompt communication with official agencies.
One of the key recommendations is the use of Multi-Factor Authentication (MFA) on all financial accounts and tax software logins. This additional layer of security beyond simple passwords can help protect sensitive information from unauthorised access.
Taxpayers are also advised to verify the identity of anyone requesting sensitive information before sharing any data, especially in response to suspicious emails or calls. Be wary of phishing attempts, which are evolving schemes designed to steal sensitive data. Stay updated on warnings issued by the IRS and the Security Summit partnership to ensure you're well-informed.
When enrolling in programs like the Identity Protection PIN (IP PIN), taxpayers must pass an identity verification process and retrieve their IP PIN securely online rather than waiting for a mailed notice. This reduces the risk of interception.
Taxpayers whose returns are flagged as potentially fraudulent by IRS filtering must authenticate their identities to receive refunds. This underscores the importance of quick response to IRS identity verification requests.
If you suspect a scam or identity theft attempt, report it to both the IRS and the Federal Trade Commission (FTC) to help track and disrupt fraudulent activities.
Beyond these measures, the IRS recommends using strong passwords of eight or more characters, mixing letters, numbers, and special characters. Security software, such as that offered by well-known companies or internet providers, can help protect computers against digital threats.
Secure wireless networks by encrypting them and creating a password. Never use the same password for several accounts, and keep passwords in a secure place or use a password manager.
When shopping or banking online, ensure the site uses encryption by looking for "https" at the beginning of the web address. Be cautious when using public wireless networks as they are often not secure, and sensitive information may be accessed by others.
Criminals often impersonate businesses or organisations like financial institutions, tax software providers, or the IRS, asking for personal, tax, or financial information via email, text, or pop-up messages. Calls, texts, or emails pretending to be from legitimate companies or the IRS asking to update accounts or seeking personal financial information are almost always scams.
Recently, Kaspersky Lab, a Russian security software producer, filed a U.S. federal lawsuit to overturn a Trump administration ban on the use of its products in government networks. This lawsuit highlights the importance of cybersecurity and the need for robust measures to protect sensitive information.
For more information on security awareness for taxpayers, read the IRS Publication 4524. By following these recommendations, taxpayers can significantly reduce their risk of falling victim to tax scams and identity theft.
- To further secure sensitive financial information, taxpayers should utilize technology solutions like cybersecurity software to protect their computers against digital threats.
- One should be cautious about suspicious emails, calls, or messages that claim to be from legitimate organizations, especially if they ask for personal, tax, or financial information, as they could be phishing attempts aimed at stealing information.
