Data breaches and keeping your sensitive personal and financial information secure seems to be in the news a lot. But the topic is especially top-of-mind at this time of year, as businesses prepare for the end of the year and tax season and as holiday shoppers flood the local malls or their favorite internet sellers.
According to a recent bulletin from the IRS, the number of data breaches in 2017 was on a record pace even before the reported theft of nearly 145 million U.S. citizens’ names, addresses and Social Security numbers.
Have you become one of the growing number of victims of identity theft?
IRS Advises Identity Theft Victims on What to do Next
The IRS urges you to act quickly if you discover any of your sensitive data has been compromised, because the cyberthieves are moving fast also to take advantage of the stolen information. Besides raiding bank accounts, many cybercriminals also sell the information to other criminals or use your personal information to file fraudulent tax returns in the victims’ names for large refunds.
During National Tax Security Awareness Week, the IRS has teamed with state tax agencies and the tax industry to focus daily issues that pose a threat to individuals and businesses and offer steps they may take to better protect themselves from cybercriminals.
Those who are victims should consider the following steps, according to the IRS’ Nov. 29, 2017, bulletin.
Steps to Take if You are a Victim:
- If possible, learn what information was compromised. Was it emails and passwords or more sensitive data such as name and Social Security number?
- Take advantage of any credit monitoring offers made by the company that was breached.
- Place a freeze on credit accounts to prevent access to credit records. There may be a fee for requesting one. This varies by state. At a minimum, place a fraud alert on credit accounts by contacting one of the three major credit bureaus. A fraud alert on credit records is not as secure as a freeze, but a fraud alert is free.
- Reset passwords on online accounts, especially financial, email and social media accounts. Experts recommend at least 10-digit passwords, mixing letters, numbers and special characters. Use different passwords for each account. Use a password manager, if necessary.
- Use two-factor authentication wherever it is offered on financial, email and social media accounts. Two-factor authentication requires entry of a username and password and then a security code, generally sent via text to a mobile phone you’ve pre-registered.
SOURCE: Internal Revenue Service
Regarding tax filing for your business or yourself, prompt attention and action are urged. The IRS suggests filing as soon as possible, once you have all the necessary information required.
The good news is that key indicators of identity theft on tax returns have dropped by around two-thirds since 2015, the agency says. But especially considering the size of the most recent breach, everyone should be vigilant and alert to suspicious activity as 2018 approaches.
Here are some signs of tax-related identity theft, as outlined by the IRS:
Signs of Tax-Related Identity Theft:
- An electronically filed tax return rejects because a return with the taxpayer’s SSN already has been filed;
- Taxpayers receive a letter from the IRS asking them to confirm whether they submitted a tax return being held for review;
- Taxpayers receive a notice from the IRS indicating that they owe additional tax, have a refund offset or have a collection action for a year in which they did not file a tax return;
- Taxpayers receive a notice from the IRS that they received wages from an employer for whom the taxpayer did not work.
The IRS bulletin continues:
Taxpayers should file a Form 14039, Identity Theft Affidavit, only if their return rejects because a return using their SSN already has been filed or if told to do so by the IRS. This form is how taxpayers report that they are an identity-theft victim.
The IRS stops the vast majority of fraudulent returns. Each year, the IRS stops returns it deems suspicious and asks the filer to verify whether they filed the return. The IRS will send a notice asking taxpayers to confirm whether they filed the return.
The IRS, state tax agencies and the tax industry are working together to fight against tax-related identity theft and to protect taxpayers. Everyone can help. Visit the “Taxes. Security. Together.” awareness campaign or review IRS Publication 4524, Security Awareness for Taxpayers, to learn more.