Tax season is prime time for online scams. Cybercriminals are looking to cash in by stealing your identity and by getting their hands on your tax refund.
Already this year, reports of tax-related cybercrime and privacy breaches are popping up across the country. Here in the Midwest, for example, the City of Keokuk, Iowa, fell victim to a “criminal phishing email” in late January that resulted in the release of every city employee’s 2017 W-2 to an unknown/unauthorized individual.
There are simple steps you can take to help ensure your privacy and cyber security during tax time:
Understand how the IRS communicates with you
According to the IRS, taxpayers’ first contact with the IRS will not be a phone call from out of the blue, or an email, text or social media message. The IRS’ first contact will be through official correspondence via the mail. The IRS will also never insist you use a specific payment method or service to pay your tax obligations. If you receive a suspicious electronic communication claiming to be from the IRS, they advise that you:
- Don’t reply
- Don’t open any attachments
- Don’t click any links
- Forward the email to firstname.lastname@example.org or forward the suspicious text to the IRS at 202-552-1226
For additional tips on what to do if you receive a suspicious IRS-related communication, check out this helpful reference from the IRS.
Understand what the IRS will and will not do
When it comes down to it, other than trying to hack into the IRS or companies like H&R Block, cyber criminals really have only one play: trying to convince you to voluntarily hand over your personal information. And while they can be creative at trying to fool you, there is usually one consistent giveaway that signals you may not be interacting with an official IRS representative — communications that try to invoke strong emotions like urgency or fear.
John Koskinen, former IRS commissioner, advises that, “A big red flag for these scams are angry, threatening calls from people who say they are from the IRS and urging immediate payment. This is not how we operate.”
The bottom line is that fraudsters and cyber criminals prey on those who are uninformed regarding how the IRS communicates with taxpayers and those who are less cyber security minded.
Check out these official resources to help you stay cyber secure during tax season:
- How to know it’s really the IRS calling or knocking on your door
- IRS warning about phone scams
- Avoiding Social Engineering and Phishing Attacks
- IRS and US-CERT Caution Users: Prepare for Heightened Phishing Risk This Tax Season