Be a tax Santa by giving these 5 holiday gifts
National Day of Mourning for George H.W. Bush postpones federal and some state and local tax deadlines

7 ways to protect your tax identity during peak holiday online shopping season


Thanksgiving to Cyber Monday are the biggest online shopping days. But e-commerce platform Shopify Plus says cyber shoppers this December are expected to spend $7 billion more than they did in November.

Crooks also are well aware of the increase in online shopping as Christmas nears. It's the perfect time for them to try to snag financial account information, Social Security numbers, credit card information and other sensitive data they can use to steal individuals' identities.

In the short term, cybercriminals can turn the stolen data into quick cash, either by draining financial accounts, charging credit cards or creating new credit accounts.

Stolen identities could lead to stolen tax refunds: And because the 2019 tax filing season is just around the calendar corner, that stolen personal info also could help identity thieves file fraudulent tax returns and intercept taxpayers' expected refunds.

That's why the Internal Revenue Service and its Security Summit partners are warning taxpayers to take extra steps to protect their tax and financial data from identity theft.

"With tax season quickly approaching, people should be extra careful during the holidays to protect their sensitive tax and financial data," said IRS Commissioner Chuck Rettig. "Taking a few simple steps can protect this valuable information and help prevent someone from stealing a tax refund."

7 tax identity theft protection steps: The IRS and the tax industry/state tax members of the Security Summit team suggest the following seven steps to increase online safety and protect your tax identity, return and refund from cyber crooks.

  1. Avoid unprotected Wi-Fi. Unprotected public Wi-Fi hotspots in malls or at holiday events also may allow thieves to view transactions. Do not engage in online financial transactions if using unprotected public Wi-Fi.
  2. Shop at familiar and secure online retailers. Generally, sites using the "s" designation in "https" at the start of the URL are secure. Also look for the padlock icon in the browser’s URL bar. Remember, however, that even bad actors may obtain a security certificate so the "s" may not vouch for a site's legitimacy. That's why you should beware of purchases at unfamiliar sites or clicks on links from pop-up ads.
  3. Learn to recognize and avoid phishing emails. These scam communications pose as a trusted source, such as those from financial institutions or the IRS. The IRS has seen an increase in these schemes this year. These emails may suggest a password is expiring or an account update is needed. The criminal’s goal is to entice users to open a link or attachment. The link may take users to a fake website that will steal usernames and passwords. An attachment may download malware that tracks keystrokes, putting personal information at risk. 
  4. Keep a clean machine. This applies to all devices — computers, phones and tablets. Use security software to protect against malware that may steal data and viruses that may damage files. Set it to update automatically so that it always has the latest security defenses. Make sure firewalls and browser defenses are always active. Avoid free security scans or pop-up advertisements for security software.
  5. Create passwords that are strong, long and unique. Experts suggest a minimum of 10 characters, but longer is better. Instead of using a specific word, opt for longer phrases. Use a combination of letters, numbers and special characters. Use a different password for each account. Use a password manager, if necessary.
  6. Use multi-factor authentication. Some financial institutions, email providers and social media sites allow users to set accounts for multi-factor authentication. This means users may need a security code, usually sent as a text to a mobile phone, in addition to usernames and passwords. Yes, it's a bit of a hassle, but much less trouble than having your identity stolen.
  7. Encrypt and password-protect sensitive data. If you keep financial records, tax returns or any personally identifiable information on computers, this data should be encrypted and protected by a strong password. Also, back-up important data to an external source, such as an external hard drive. And when disposing of computers, mobile phones or tablets, make sure to wipe the hard drive of all information before trashing or donating the equipment.

Week of tax security steps: These online safety suggestions kicked off the IRS/Security Summit's National Tax Security Awareness Week. A way to practice safe tax will be featured each day through Friday, Dec. 7.

This special week of tax security tips is the latest in the Security Summit's Taxes. Security. Together. tax safety public awareness campaign, which began just more than three years ago.

Taxes Security Together IRS Security Summit tax safety campaign

You can find more online security info here on the ol' blog in the items of interest links below, as well as in IRS Publication 4524, Security Awareness for Taxpayers.

If you're a tax professional, also check out the info at the Protect Your Clients; Protect Yourself page, as well as the Tax Security 101 series.

By being a bit extra careful this shopping season, you'll get the gifts you want without making a present of your personal data to online identity thieves.

You also might find these items of interest:





Feed You can follow this conversation by subscribing to the comment feed for this post.


I love online shopping . I found out a lot of helpful information . Now I can protect my tax identity.

The comments to this entry are closed.