Protect Your Data!
Last week, the IRS warned tax professionals that new attacks are allowing identity thieves to file fraudulent returns by taking over a tax professional’s computer. There have been twelve tax professionals victimized in the last week of August. The IRS warns to use all security measures possible and password protect all files.
These attacks come in line with the September 15 extended deadline for certain companies. The last wave to hit was just before the April 15, 2016 deadline. The thieves were able to remotely go through the tax professionals’ computer, find undone tax returns, complete them with their own numbers, and then file the return and route the information into the thieves account. In addition, they were able to remotely access social security numbers of victims as well, completing who only knows what else.
The IRS recommends the following per their website:
Run a security “deep scan” to search for viruses and malware;
Strengthen passwords for both computer access and software access; make sure your password is a minimum of eight digits (more is better) with a mix of numbers, letters and special characters and change them often;
Be alert for phishing scams: do not click on links or open attachments from unknown senders;
Educate all staff members about the dangers of phishing scams in the form of emails, texts and calls;
Review any software that your employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.
We would not stop there. We recommend taking further steps and talking with an outside security and technology firm to meet your needs depending on the complexity of your network and technology situation.