Cyber criminals are getting added attention this week in the wake of Democratic National Committee emails that hackers stole and then leaked to the world.
But the Internal Revenue Service has been concerned about hackers for a while. It formalized its cyber security worries last year with the creation of its Security Summit, a coalition of federal and states tax officials, as well as the tax industry.
One of the Security Summit's goals is to alert and tax professionals about tax identity theft threats and encourage their involvement in fighting the electronic epidemic.
The most recent IRS warning was to the 700,000+ tax preparers across the United States, alerting them that they are increasingly the target of cyber criminals. The New York State Department of Taxation and Finance quickly followed up that alert with a similar one to Empire State tax professionals.
Criminals adapt theft techniques: IRS Commissioner John Koskinen noted that while many tax preparers take good security precautions, cyber criminals are continuing to evolve.
They are using new technology, ruses and scams, said Koskinen. That means that the tax community, which handles large volumes of sensitive personal and financial information, must stay on top of security systems to protect taxpayers as well as their businesses.
Jerry Boone, New York's Commissioner of Taxation and Finance, echoed the federal warning.
"Preventing cybercrimes is an ongoing battle because the criminals adapt their tactics as the technology improves," said Boone. "By probing each return to detect anomalies and creating a team dedicated to uncovering tax schemes and questionable refunds, New York State remains at the forefront of this fight against cybercrimes. We will continue to employ all available resources to help educate and protect tax preparers and their clients."
So far in 2016, added Boone, his tax department has stopped more than 330,000 suspicious New York personal income tax refunds, catching nearly $500 million in attempted tax refund fraud.
Ways to stop cyber crooks: The IRS created a fact sheet for tax pros to help them establish and enhance their firms' and clients' from identity theft. It includes relatively easy measures in these 4 key tax cyber security areas:
1. Protect your computer: Always encrypt your wireless network with a strong password, and never access your personal accounts on a public Wi-Fi network. When accessing taxpayer information online, look for "https" -- the "s" indicates a secure website, although even that sometimes is not enough -- in the URL. When taxpayer data is downloaded from your computer system, make sure those paper documents, computer disks, flash drives and other media are kept in a secure location and access is restricted to authorized users.
2. Use strong passwords: Use a different password for each of your accounts and on all computers and tax software programs. Change those passwords frequently, at least every 60 to 90 days. Strengthen your passwords by using a combination of upper- and lower-case letters, as well as numbers and symbols, for every change. Do not use your name, birth date, family member and pet names or common words in your passwords.
3. Train and maintain staff security: Be diligent about granting access, both in-office and remotely, only to necessary and trusted personnel. Create security requirements for your entire staff regarding computer information systems, paper records and use of taxpayer data. This should include periodic training to update your employees on any changes and to ensure full cyber security understanding and compliance. When a staff member leaves your employ, whether on good terms or is terminated, immediately close all access by those former workers to office systems and taxpayer information.
4. Properly dispose of private information: Shred all documents to destroy sensitive information. When changing computer systems, your best choice is to remove each machine's hard drive and then destroy it. Simply deleting files, uninstalling programs and reformatting your drive is not enough to erase sensitive data; your old data could still be unreadable. Hire a qualified and reputable computer specialist to remove this data from your machines before you dispose of them.
Tax professionals can get more cyber security tips in IRS Publication 4557, Safeguarding Taxpayer Data. You also can stay up to date on tax identity theft matters and other tax update from the IRS by subscribing to e-News for Tax Professionals.
These tips also apply to all us taxpayers who do our taxes on our own.
It's a dangerous cyber world out there folks. Let's be careful out there.
You also might find these items of interest: