Much has been said about how to identify and avoid tax-related identity theft scams, especially when it comes to phishing and malware. This week, the IRS published a tax tip highlighting the signs that a tax professional’s identity has been stolen.
Identity thieves have been increasingly targeting tax professionals’ personally identifiable information (PII) and office databases in recent years. Aside from the usual goal—using that information to fraudulently apply for credit cards and loans—cybercriminals know that a tax professional’s office is a PII goldmine.
Cybercriminals who gain access to a tax professional’s client database end up with a catalogue of hundreds, if not thousands, of private financial records. Tax-related identity theft scams are of particular concern, since cybercriminals can also use hijacked tax preparation software to file fraudulent returns. Fortunately, the extent of the financial damage suffered by you and your clients can sometimes be mitigated with early detection and quick action.
That’s why the IRS put together Tax Tip 2019-124, a list of twelve signs that a data theft incident has occurred. It ranges from the usual signs of a malware infection to clients receiving unexpected material from the IRS:
The IRS also included several links to help tax professionals better understand data security as a whole, like the FTC Safeguards Rule, Publication 4557, and Publication 5293. Understanding data security process as a whole—from prevention to identification and mitigation—will help you stay compliant with FTC regulations and protect your business.
You want to help clients file their return timely and accurately. Cybercriminals want to steal money from you and your clients. Let’s not make their job any easier by neglecting data security.
Source: IRS Tax Tip 2019-124