What’s even less fun than filing taxes? Going to file your taxes only to find out you’ve been a victim of tax fraud!
Tax season is well underway here in the United States but unfortunately, that also means a surge in phishing and malware. According to a recent announcement from the Internal Revenue Service, tax refund attacks are up 400% over last year’s tax season.
Typically, fraudsters send an official-looking communication to taxpayers to trick them into thinking they’ve received something from the IRS or their tax software company, asking them to “verify” some personal or login information. The fraudsters then use this information to file a bogus tax return, and collect that hard-earned tax refund for themselves.
Phishing attacks are just one concern. Some of these emails come rigged with keyloggers and other malware that try to steal even more of your personal information.
Here’s a few tips for ensuring you aren’t a victim of tax fraud:
File your taxes early.
Fraudsters can’t claim your tax refund if you’ve already filed it, so that’s an incentive to submit your claim as early as possible. Technically, you have until April 18, but your best defense is to file now.
Update your tax account password.
Regardless of how you file your taxes, ensure you’re using a strong, unique password or PIN that you’ve never used anywhere else. It’s too easy for fraudsters to use the same usernames and passwords from data breaches at other websites to try logging into your tax software account. A password generator like the one built into LastPass can help you generate a strong, unique password – and will remember it for you next year.
Watch out for suspicious emails.
There are some patterns to the phishing emails that fraudsters are sending. If you see one of these, approach with caution and always login to a service directly from your browser instead of clicking links if you’re unsure. Recent email examples that the IRS has seen include subject lines and underlying text referencing:
- Update your filing details, which can include references to W-2.
- Confirm your personal information.
- Get my IP Pin.
- Get my E-file Pin.
- Order a transcript.
- Complete your tax return information.
Take advantage of credit reports and monitoring.
All four credit bureaus are required to give you a free copy of your credit report once a year, so be sure to request a copy from each one. You can space your requests to each one throughout the year to maximize the benefit. You might consider turning on a free credit monitoring service or even consider a credit freeze (here’s some tips from security researcher Brian Krebs on what that means and why you might want to consider one). LastPass users can take advantage of free credit monitoring alerts, too.
Report suspicious activity.
If you think you’ve received a phishing email, be sure to report it to firstname.lastname@example.org and help fight back against cybercrime.
Stay safe out there!