(CNN/WTNH) — The IRS, state tax agencies and tax preparation companies are doing even more this year to protect your personal data and thwart criminals from stealing it.
But that’s not enough to prevent refund fraud and tax-related identity theft. You also have to take active steps to do the same, the IRS said.
“We all have a part to play,” said IRS Commissioner John Koskinen at a press conference Thursday, announcing a public campaign called Taxes. Security. Together.
Among the campaign’s main recommendations:
1. Don’t be duped by calls, emails or texts purporting to be from a tax agency.
They’re scams. Federal and state tax authorities would never contact you out of the blue and threaten you with penalties, lawsuits or jail if you don’t share your bank account number or send money right away. The same is true of threatening solicitations that purport to be from your bank.
2. Don’t click on any links.
Attachments to emails pretending to be from a tax or financial institution may infect your computer or steal your log-in information.
3. Safeguard your computer.
Install security software that provides anti-virus and firewall protections.
4. Encrypt computer files with valuable information.
That includes your personal, financial or tax data.
5. Lock ‘n shred.
Paper files with valuable information should be kept in a locked file. If you want to get rid of them, shred them.
6. Keep an eye on credit.
Check your credit report and Social Security earnings record at least once a year to make sure no one else is using your credit or Social Security number for employment or other purposes.
7. Don’t overshare.
While it’s become normal to post selfies and broadcast your every thought on social media, don’t offer personal details — e.g., your address, your bank, your maiden name, or anything else that makes it easier for criminals to hijack your identity along with data they may already have on you.
8. Be sure to enter W-2 Verification Codes
New for filing season 2018, the Internal Revenue Service has expanded the pilot to verify the authenticity of Form W-2 data. This initiative is one in a series of steps implemented by the Security Summit to combat tax-related identity theft and refund fraud. The objective is to verify Form W-2 data submitted by taxpayers on e-filed individual tax returns. The IRS has partnered with certain payroll service providers (PSPs) to include a 16-character verification code on many Forms W-2 provided to employees.
What the industry is doing
Representatives from leading tax software companies noted at the press conference that tax preparation firms will be sharing a slew of new data and filing pattern information with the IRS and state tax agencies to further thwart criminals from filing in your name and stealing your refund.
In addition, they said, users of tax software will notice a few changes on the front-end of the process as well. Those changes include: a requirement for stronger passwords, more security questions, new lockout features if you spend too long trying to log in or attempt to do so too many times, plus stronger verification features, such as sending the tax filer an email or text with a log-in PIN.
Last year’s tax season was marred by several high-profile instances of refund fraud and identity theft. Early in the season, several state tax departments noticed a pattern of fraudulent returns claiming refunds. And in May, the IRS said criminal syndicates — using previously acquired stolen personal information — used the “Get Transcript” tool on the IRS website to download the tax forms of 330,000 people. And phone scams hit record levels.