The IRS has issued ‘Security Six’ protections, a list of six security steps that taxpayers and tax professionals can use to stay safe from tax scammers. According to the IRS, there has been a dramatic decrease in identity theft fraud, which has fallen almost two-thirds since 2015. Yet, millions of dollars are still claimed in fraudulent refunds by scammers each year. 

With the scam artists coming back with new ways to deceive taxpayers, it’s important to stay aware of their latest scam methods in order to avoid them. The Daily Swig details: 

The new guidelines recommend using antivirus software, firewalls, two-factor authentication, and drive encryption, as well as backing up data and creating and securing virtual private networks (VPNs).

Meanwhile, all professional tax preparers are required by law to create and maintain a security plan for client data, focusing on key risk areas such as employee management and training, information systems, and detecting and managing system failures.

Tax professionals should also educate themselves on phishing and” ransomware, and have a data theft recovery plan in place. 

Everyone is a potential target 

These six steps are simple actions that anyone can take, says IRS Commissioner Chuck Rettig. 

The important thing to remember is that every tax professional, whether a sole practitioner or a partner in a large firm, is a potential target for cybercriminals. No tax business should assume they are too small or too smart to avoid identity thieves.

Signs to look out for, says the IRS, include clients receiving IRS letters about suspicious tax returns in their name or tax transcripts they did not request. 

Tax practitioners should also check that there have not been more tax returns filed with a particular Electronic Filing Identification Number than were submitted. 

The guidelines have been welcomed — but they don’t go far enough, according to Matt Lock, technical director at security firm Varonis. 

Advising tax professionals to use antivirus and firewalls is sage advice — 20 years too late, Lock tells The Daily Swig. They might as well tell them to bring a slingshot to a gunfight. 

Professional tax services need to lock down their files to a least-privilege model to help guard against insider threats, which can be just as harmful as any APT [advanced persistent threat].

This approach will help maintain ethical walls — that is, employees should only be able to access the client files they need to do their work, period. 

Fill out the form for a free and confidential consultation.

    By clicking GET TAX HELP, I have read and accept by my electronic signature herein the products or services offered by Justice Tax, LLC or its affiliates for tax resolution services, and do hereby give express consent and agree to be contacted by email, SMS/Text or other electronic format by live agent, artificial or prerecorded voice, email and/or SMS text message at my residential or cellular number, dialed manually or by auto dialer at the number(s) provided for tax resolution products and services offered by Justice Tax, LLC or its affiliates. I acknowledge and understand that consent to be contacted is not a condition to purchase products and/or services offered and I further acknowledge and agree to the Privacy Policy and Terms of Use attached hereto.


    © 2021 Justice Tax, LLC