Protecting Yourself from Scams, ID Theft and Cyber CriminalsBack to all blogs
- ID Theft
- What's in Your Wallet or Purse
- Phony E-mail
- Pop-up Ads
- Only Access Secure Websites
- Avoid Phishing Scams
- Security Software
- Educate Children
- Phony Charities
- Impersonating the IRS
- Back Up Files
- If It Is Too Good to Be True
This office is committed to using safeguards that protect your information from data theft. To further protect your identity, you can also take steps to stop thieves. This article looks at a variety of tricks and schemes crooks use to dupe individuals, along with actions you can take to avoid being scammed, keep your computer secure, avoid phishing and malware, and protect your personal information.
ID Theft — The primary information ID thieves are looking for is your name, Social Security number, and birth date. So, constantly be aware of where you use that information, and always question anyone's need for it when they ask. The fewer institutions that have your ID information, the lower the chances your data will be hacked. Treat personal information like cash — don't hand it out to just anyone. Social Security numbers, credit card numbers, and bank and even utility account numbers can be used to help steal a person's money or open new accounts. Every time you receive a request for personal information, you should think about whether the request is truly necessary. Scammers will do everything they can to appear trustworthy and legitimate.
Stolen IDs are also frequently used by cyber thieves to file fraudulent tax returns in your name, to take advantage of refundable tax credits such as the earned income tax credit, the child tax credit and the American Opportunity Education Credit, leaving you to deal with the IRS's identity theft protocol.
What's in Your Wallet or Purse — What is in your wallet or purse can make a big difference if it is stolen. Besides the credit cards and whatever cash or valuables you might be carrying, you also need to be concerned about your identity being stolen, which is a far more serious problem. Think about it: your driver's license has 2 of the 3 keys to your identity. And if you also carry your Social Security card, bingo! An identity thief then has all the information needed.
Phony E-mail — Be aware that an unsolicited e-mail with a request to download an attachment or click on a URL could appear to be from someone you know, such as a friend, work colleague or tax professional. It could be that their e-mail has been hacked and someone else is sending the e-mail, hoping to trick you into some scam. Be alert for suspicious wording or content, and don't click on any embedded links or attachments if there is any doubt.
Pop-up Ads — Don't assume Internet advertisements, pop-up ads, or e-mails are from reputable companies. If an ad or offer looks too good to be true, it most likely is not true. Take a moment to check out the company behind it. Type the company or product's name into a search engine with terms like "review," "complaint" or "scam."
Only Access Secure Websites — Only provide personal information over reputable, encrypted websites. Shopping or banking online should be done only on sites that use encryption. People should look for "https" at the beginning of a Web address (the "s" stands for "secure") and be sure "https" is on every page of the site.
Avoid Phishing Scams — The easiest way for criminals to steal sensitive data is simply to ask for it. Learn to recognize phishing e-mails, calls or texts from crooks that pose as familiar organizations such as banks, credit card companies or even the IRS. These ruses generally urge taxpayers to give up sensitive data such as passwords, Social Security numbers and bank account or credit card numbers. They are called phishing scams because they attempt to lure the receiver into taking the bait.
For example, you might get an e-mail disguised as being from your credit card company asking you to verify your password. Companies will never do that because only you have that information, which is why you have to change it if you forget it.
Security Software — It is good practice to use security software. An anti-malware program should provide protection from viruses, Trojans, spyware and adware.
Set security software to update automatically so it can be upgraded as threats emerge. Also, make sure the security software is on at all times. Invest in encryption software to ensure data at rest is protected from unauthorized access by hackers or identity thieves.
You should never download "security" software from a pop-up ad. A pervasive ploy is a pop-up ad that indicates it has detected a virus on your computer. Don't fall for it. The download most likely will install some type of malware. Reputable security software companies do not advertise in this manner.
Educate Children — Today's children are probably more adept at using the Internet than their parents but are not mindful of the hazards. Educate your children about not giving out or posting online their Social Security numbers or birth dates. It may also be appropriate not to allow them to use a device that contains sensitive information such as tax returns, financial links, etc. It is not uncommon for crooks to use children's IDs to file fraudulent tax returns. Also, block your children from freely downloading apps to their mobile devices without parental supervision.
Taxpayers have reported an increase in e-file problems because their children's SSNs have already been used in a previously e-filed return, which results in the e-filed return being rejected.
Passwords — Use strong passwords. The longer the password, the tougher it will be to crack. Most sites require a minimum of eight characters, with at least one number and one character. Many sources suggest using at least 10 characters; 12 is ideal for most home users. Mix letters, numbers and special characters. Try to be unpredictable — don't use names, birthdates or common words. Don't use the same password for many accounts, and don't share them on the phone, in texts or by e-mail. Consider using a passphrase versus a password. And remember, legitimate companies will not send messages asking for passwords.
Phony Charities — The fraudsters pop up whenever there are natural disasters, such as earthquakes or floods, trying to coax you into making donations that will go into the scammer's pockets and not to helping the victims of the disaster. They use the phone, mail, e-mail, websites and social networking sites to perpetrate their crimes. The following are some tips to avoid fraudulent fundraisers:
- Donate to known and trusted charities. Be on the alert for charities that seem to have sprung up overnight in connection with current events.
- Ask if a caller is a paid fundraiser, who he/she works for and what percentages of the donation go to the charity and to the fundraiser. If any clear answers are not provided, consider donating to a different organization.
- Don't give out personal or financial information—including a credit card or bank account number—unless the charity is known and reputable. You might end up donating more than you had planned on.
- Never send cash. The organization may never receive the donation, and there won't be a record for tax purposes.
- Never wire money to a charity. It's like sending cash.
- If a donation request comes from a group claiming to help a local community agency (such as local police or firefighters), ask the people at the local agency if they have heard of the group and are getting financial support.
- Verify the charity — Check out the charity with the Better Business Bureau (BBB), Wise Giving Alliance, Charity Navigator, CharityWatch or IRS.gov.
The very first thing you should be aware of is that the IRS never initiates contact in any other way than by U.S. mail. So, if you receive an e-mail or a phone call out of the blue with no prior contact, then it is a scam. DO NOT RESPOND to the e-mail or open any links included in the e-mail. If it is a phone call, simply HANG UP.
Additionally, it is important for taxpayers to know that the IRS:
- Never asks for credit card, debit card or prepaid card information over the telephone.
- Never insists that taxpayers use a specific payment method to pay tax obligations.
- Never requests immediate payment over the telephone.
- Will not take enforcement action immediately following a phone conversation. Taxpayers usually receive prior written notification of IRS enforcement action involving IRS tax liens or levies. Some scammers even threaten immediate arrest if the payment is not made immediately — don't be bullied by these criminals.
Back Up Files — No system is completely secure. Back up important files, including federal and state tax returns, business books and records, financials and other sensitive data onto remote storage, a removable disc or a back-up drive.
If It Is Too Good to Be True, It Probably Isn't — Many e-mail scams are based around supposed foreign lotto winnings, foreign inheritances and foreign quick-buck investment schemes. Don't let the lure of the dollar signs cloud your better judgement. The only one that makes out in these instances is the cyber crook.
Please call this office if you have any questions.