| |||
News EssentialsThe Newsroom TopicsIRS Resources | Issue Number: IR-2020-271Inside This IssueNational Tax Security Awareness Week, Day 5: Security Summit alerts tax professionals to potential telework scams during COVID-19, urges all practitioners to use multi-factor authentication IRS YouTube Video: New Security Measures Help Protect Against Tax-Related Identity Theft English WASHINGTON – The IRS, state tax agencies and the tax industry marked the final day of National Tax Security Awareness Week with a warning to all tax professionals that they face additional challenges from cybercriminals seeking to exploit COVID-19 fears. The partners, working together as the Security Summit, today closed a week-long effort to heighten awareness about identity theft and data security measures among taxpayers, businesses and tax practitioners. This was the fifth annual National Tax Security Awareness Week. "When the Security Summit formed five years ago to fight identity thieves it was clear that the IRS, the state and industry could not be successful without the help of taxpayers and tax professionals. Everyone has a role to play in protecting sensitive financial data," said IRS Commissioner Chuck Rettig. "We've made tremendous progress in the past five years, but we still have work to do. The coronavirus and the increase in teleworking creates new ways for these sophisticated cybercriminals to scam people out of their money or their sensitive tax and financial information." As the IRS and Security Summit partners took important steps to strengthen defenses against cybercriminals, identity thieves increasingly turned to tax professionals, targeting their offices and systems. Data thefts from tax professionals can provide valuable information to thieves trying to file fraudulent tax returns. The Summit partners remind all tax professionals to review their security measures. IRS Publication 4557, Safeguarding Taxpayer Data, provides practitioners with a starting point for basic steps to protect clients. The Security Summit also created the "Taxes-Security-Together" Checklist to help tax practitioners identify the basic steps they should take. As more tax preparers work from home or remote locations because of COVID-19, these measures are even more critical for securing tax data. Basic protections - the 'Security Six' measures
Use multi-factor authentication to protect tax accounts Of the numerous data thefts reported to the IRS from tax professional offices this year, most could have been avoided had the practitioner used multi-factor authentication to protect tax software accounts. Practitioners can download to their mobile phones readily available authentication apps offered through Google Play or the Apple Store. These apps will generate a security code. Codes also may be sent to practitioner's email or text but the IRS notes those are not as secure as the authentication apps. Use a search engine for "Authentication apps" to learn more. Virtual private networks to protect remote sites Failing to use VPNs can add risks to remote takeovers by cyberthieves, giving criminals access to the tax professional's entire office network simply by accessing an employee's remote internet. Tax professionals should seek out cybersecurity experts whenever possible. Practitioners can also search for "Best VPNs" to find a legitimate vendor, or major technology sites often provide lists of top services. Remember, never click on a "pop-up" ad that's marketing a security product. Those generally are scams. Phishing scams, including COVID-19 and Economic Impact Payments The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning to all organizations to educate employees, especially those teleworking, about increased activity related to phishing scams. The IRS often sees thieves posing as potential clients, trying to trick tax pros into opening an embedded link or attachment. Scams involving COVID-19 and the Economic Impact Payments also have been prevalent. Protect yourself: The need for a security plan and data theft plan In addition to the required information security plan, tax pros also should consider an emergency response plan should they experience a breach and data theft. This time-saving step should include contact information for the IRS Stakeholder Liaisons who are the first point of contact for data theft reporting to the IRS and to the states. IRS Publication 5293, Data Security Resource Guide for Tax Professionals, provides a compilation of data theft information available on IRS.gov, including the reporting processes. The IRS, state tax agencies, the private sector tax industry, including tax professionals, work in partnership as the Security Summit to help protect taxpayers from identity theft and refund fraud. This is the last of a week-long series of tips to raise awareness about identity theft. See IRS.gov/securitysummit for more details.
Thank you for subscribing to the IRS Newswire, an IRS e-mail service. If you know someone who might want to subscribe to this mailing list, please forward this message to them so they can subscribe. This message was distributed automatically from the mailing list IRS Newswire. Please Do Not Reply To This Message. |
No comments:
Post a Comment