Tax Identity Theft Part II: How to Avoid Phishing Scams and Malware

The Internal Revenue Service recently issued a stern warning for consumers after seeing a 400% surge in identity and data theft incidents in the first few weeks of the 2016 tax season.

No doubt you’ve heard of phishing scams which use “bait” from emails, telephone calls and texts to separate you from your cash, your passwords, your social security number or your very identity. Cybercriminals on a daily basis concoct new ways to trick people into turning over cash or sensitive data that can affect your taxes. And the frightening part is that they work. 

When it comes to this type of crime the main line of defense is not technology… it’s you!

Criminals typically pose as a person or organization you trust and/or recognize. They may hack a friend’s email account and send mass emails under their name. They may pose as your bank, credit card company or tax software provider. Or, they may pose as a state, local or federal agency such as the Internal Revenue Service or a state agency. Criminals go to great lengths to create websites that appear legitimate but contain phony log-in or landing pages designed to steal your valuable information.

Just remember, NO legitimate organization – not your bank, not your tax software company, not the IRS – will EVER ask for sensitive information through unsecured methods such as emails. And the IRS never sends unsolicited emails or makes calls with threats of lawsuits or jail.

Scam emails and websites can also infect your computer with “malware” – a form of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware and other malicious programs – without you even knowing it. These malware programs can give the criminal access to your device, enabling them to acquire all your sensitive files or track your keyboard strokes, exposing login information.

Here are a few simple steps you can take to protect yourself: 

  • Avoid suspicious phishing emails that appear to be from the IRS or other companies; do not click on the links – instead, go directly to their websites.
  • Beware of phishing scams asking you to update or verify your accounts.
  • To avoid malware, don’t open attachments in emails unless you know who sent it and what it contains.
  • Download and install software only from websites you know and trust.
  • Use security software to block pop-up ads, which can contain viruses.
  • Ensure your family understands and practices safe online and computer habits.

If you receive a suspicious or fraudulent email from the IRS, report it immediately by sending it to phishing@irs.gov.

For additional information about Tax Identify Theft, please visit www.irs.gov/identitytheft.