Beware of Scams!
By Leo Hopper
Information Security Manager
It’s tax season and this is the time of year that IRS scams and fraudulent tax filings are on the rise. Here are some suggestions to avoid becoming a victim:
The adversary calls or emails you alleging to be with the IRS in order to get you to give them personal information or money.
1. The IRS will never send you an unsolicited email requesting information. You can report unsolicited email to firstname.lastname@example.org.
2. The IRS will never call and demand immediate payment or ask for credit/debit card numbers over the phone.
3. The IRS will never threaten you with “immediate” arrest by local police or other law-enforcement.
4. If you are suspicious of a phone call, ask the caller which office they work out of and call them back. Phone numbers to contact the IRS are easily available online, including numbers for local offices that may be near you.
The adversary obtains your personal information and files a tax return in your name in order to get the refund. You find out about it when you attempt to file a return and are informed it has already been filed. This can occur at the state and city level as well.
1. File your tax return as early as possible. This is probably the best defense against this attack.
2. Protect your personal information. Don’t give out your Social Security Number or other personally identifiable information (address, phone number, mother’s maiden name, spouse information, etc.) unless it is necessary and you trust the recipient.
3. Monitor your credit report.
4. Pay attention to news stories about big “hacks” or data breaches. e.g. If you see a news story that your automobile insurance company has just had a large data breach, contact your representative and ask what they are doing to resolve the issue (i.e. free credit monitoring). If you are affected, change your passwords and answers to any security questions on other data sensitive accounts.
Most importantly be careful and diligent when sharing your data. Trust is a good thing, but trust and verify is a better thing.