• FTC's tips for happy holiday shopping

    November 20, 2019, 11:34 AM

    Keep your holiday shopping merry and bright with an early gift from the Federal Trade Commission: tips to help you watch your wallet, shop wisely, and protect your personal information.

    • Make a list and a budget. Those impulse purchases (looking at you, cozy sweater) are less tempting when you have a game plan. Consider how much you’re willing to put on your credit card, and how long it might take to pay it off. If money’s tight, paying for a gift over time through layaway might help.
    • Do your research. Read reviews and recommendations about the product, seller, and warranties from sources you trust. If you’re shopping online, check for reports that items were never delivered or not as advertised. Spreading holiday cheer by donating to charity or a crowdfunding cause? Look into it first to make sure it’s legitimate.
    • Look for the best deals. Check out websites that compare prices for items online and at your local stores. Remember there may be shipping costs for online orders. Look for coupon codes by searching the store’s name with terms like “coupons,” “discounts,” or “free shipping.” To save extra money, keep an eye out for rebates.
    • Keep track of your purchases. Make sure the scanned price is right, and save all your receipts. If you shop online, keep copies of your order number, the refund and return policies, and shipping costs. Then have your packages delivered to a secure location or pick them up at a local store. Treat gift cards like cash and keep them in safe place.
    • Give gifts, not personal information. Protect yourself online by shopping only on secure websites with an “https” address. Stick to shopping apps that tell you what they do with your data and how they keep it secure. Avoid holiday offers that ask you to give financial information – no matter how tempting. They might be trying to steal your identity.
    Source; Federal Trade Commission 
  • FTC Provides Tips on Safeguarding Data Before Upgrading Mobile Phones

    November 19, 2019, 4:48 PM

    The Federal Trade Commission (FTC) has released an article with tips on how to protect personal information before trading in a mobile phone for a newer model. FTC recommends the following four steps to safeguard these devices:

    • Back up data.
    • Remove SIM and SD cards.
    • Erase personal information.
    • Verify deletion of personal information.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review the FTC article for additional resources on how to perform each of the suggested steps and see CISA’s Tip on Proper Disposal of Electronic Devices for more information.

    Source: Cyber Infrastructure 

  • IRS urges families, teens to make online safety a priority

    October 28, 2019, 3:27 PM

    The Internal Revenue Service today urged families and teens to stay vigilant in protecting personal information while connected to the internet. Although the IRS is making huge strides in fighting identity theft and thwarting fraudulent tax returns, help is needed.

    During National Work and Family Month, IRS is asking parents and families to be mindful of all the pitfalls that can be found by sharing devices at home, shopping online and through navigating various social media platforms. Often, those who are less experienced can put themselves and others at risk by leaving an unnecessary trail of personal information for fraudsters.

    The IRS has joined with representatives of the software industry, tax preparation firms, payroll and tax financial product processors and state tax administrators to combat identity theft refund fraud to protect the nation's taxpayers. This group, the Security Summit, has found methods to help reduce fraudulent tax returns entering tax processing systems.

    Staying safe online

    Here are a few common-sense suggestions that can make a difference for children, teens and those who are less experienced:

    • Remind them why security is important. People of all ages should not reveal too much information about themselves. Keeping data secure and only providing what is necessary minimizes online exposure to scammers and criminals. Birthdates, addresses, age and especially Social Security numbers are among things that should not be shared freely.
    • Always use security software with firewall and anti-virus protections. Make sure the security software is always turned on and can automatically update. Encrypt sensitive files such as tax records stored on computers. Use strong, unique passwords for each account. Be sure all family members have comprehensive protection especially if devices are being shared.
    • Teach them to recognize and avoid scams. Phishing emails, threatening phone calls and texts from thieves posing as IRS or from legitimate organizations pose risks. Do not click on links or download attachments from unknown or suspicious emails.
    • Protect personal data. Don't routinely carry a Social Security card. Keep it at home. Be sure any financial records are secure. Advise children and teens to shop at reputable online retailers. Treat personal information like cash; don't leave it lying around.
    • Teach them about public Wi-Fi networks. Connection to Wi-Fi in a mall or coffee shop is convenient but it may not be safe. Hackers and cybercriminals can easily intercept personal information. Always use a virtual private network when connecting to public Wi-Fi.
    Source: IRS Blog
  • Charity fraud awareness, here and abroad

    October 21, 2019, 2:17 PM

    Today is the start of International Charity Fraud Awareness Week (ICFAW), a coordinated international effort to help charities and donors avoid charity fraud. The FTC joins state charities regulators across the country, the National Association of State Charities Officials (NASCO), and international partners in this campaign. By joining forces, we can reach more people and more charities with information and advice. Money lost to bogus charities and scammers means less donations to help those in need. And no one wants that, either here or abroad.

    The FTC’s education and outreach efforts in this area are in full force all year, but ICFAW is another opportunity to remind people how to spot scammers’ tricks and avoid donating to sham charities. There are tips at FTC.gov/Charity to help you, including how to research charities and check out their ratings with groups like the Wise Giving Alliance, Charity Navigator, Charity Watch, and Guide Star.

    This year, in addition to giving donor tips, we’re alerting charities about how to prevent cyber threats that can compromise their networks and computers. The tools at FTC.gov/Cybersecurity (fact-sheets, quizzes and videos) on topics like ransomware, phishing, business email imposters, hiring a web host, and more will help organizations make sure that they’re protecting their data and donors’ information.
    Don’t know where to start? Start with the basics:
    •    Set up software to update automatically
    •    Secure your files by making a back-up offline
    •    Require passwords for all devices
    •    Use multi-factor authentication (like a PIN or key)
    •    Encrypt devices

    Source: Federal Trade Commission
  • What Do Not Call complaints are telling us

    October 18, 2019, 2:31 PM

    Have you gotten a call from an imposter, maybe someone pretending to be with the Social Security Administration, IRS, or a tech support company, this year? If so, you’re not alone. Calls from imposters were the most-reported topic of unwanted calls to the FTC over the past year (FY2019).

    You can see our annual report on Do Not Call complaints, with state-specific data. But here are some key takeaways:

    • The FTC got 5.4 million complaints about unwanted calls this year.
    • 71% of complaints reported the call was a robocall.

    • Calls from imposters are now the most-reported type of unwanted call, with 574,000 complaints.

    • After imposters, the next most-reported topics were calls about medical issues and prescriptions, as well as reducing debt.

    • The states with the most consumer complaints (per 100,000 population) were Colorado, Oregon, Arizona, New Jersey, and Nevada.

    • The Do Not Call Registry now has 239.5 million numbers on it. More than 4 million of those were added over the past year.

    infographic for Fiscal Year 2019 Do Not call databook

    Find out more about what’s happening in your state. But remember — you don’t need to wait for our annual report to know what’s happening. As we told you this summer, the FTC’s Do Not Call data is now available in an interactive format at ftc.gov/exploredata, and is updated quarterly.

    The FTC continues to go after the companies and scammers behind these calls, so please keep reporting unwanted calls at donotcall.gov (or, if you’ve lost money to a scam call, at ftc.gov/complaint instead). We take the phone numbers you report and release them to the public each business day, which helps phone carriers and other partners that are working on call-blocking and call-labeling solutions. Your reports also help law enforcement identify the people behind illegal calls.

    To find out more about how to get fewer calls and avoid scams, check out the articles, videos, and infographics at ftc.gov/calls, and share them with your family and friends.

    Original Article and Source: Federal Trade Commission 

  • IRS, Security Summit partners urge tax professionals to review their practices, enhance safeguards to protect taxpayer data

    July 17, 2019, 8:26 AM

    Leaders from the IRS, state tax agencies and the tax industry today called on tax professionals nationwide to take time this summer to review their current security practices, enhance safeguards where necessary and take steps to protect their businesses from global cybercriminal syndicates prowling the Internet.

    Despite major progress by the IRS and the Security Summit partners against identity theft, evolving tactics continue to threaten the tax community and the sensitive data of taxpayers. 

    To help combat this, the Security Summit partners created a new “Taxes. Security. Together.” Checklist to serve as a starting point for tax professionals. Beginning next week, the IRS and Summit partners will issue a series of five Tax Security 2.0 news releases highlighting “Taxes. Security. Together.” Checklist action items.

    “The IRS, the states and the private sector tax industry have taken major steps to protect taxpayers and their data,” said IRS Commissioner Chuck Rettig. “But a major risk remains, regardless of whether you are the sole tax practitioner in your office or part of a multi-partner accounting firm. To help with this, we assembled a security checklist to assist the tax community. We hope tax professionals will use our checklist as a starting point to do everything necessary to protect their client’s data.”

    The Security Summit — a partnership between the IRS, states and the private-sector tax community — started in 2015 to combat identity theft and protect taxpayers. Key IRS data show the Summit continues making major progress against tax-related identity theft. Between 2015 and 2018, key indicators showed:

    • The number of taxpayers who reported to the IRS that they were victims of identity theft fell 71 percent. In 2018, the IRS received 199,000 identity theft affidavits from taxpayers compared to 677,000 in 2015. This was the third consecutive year this number declined.
    • The number of confirmed identity theft returns stopped by the IRS declined by 54 percent, falling from 1.4 million in 2015 to 649,000 in 2018.

    As the Summit has increased the tax community’s defenses against identity theft and refund fraud, cybercriminals continue to evolve. Increasingly, they look to data thefts at tax professionals’ offices to obtain large amounts of sensitive taxpayer data. Thieves then use stolen data from tax professionals to create fraudulent returns that are harder to detect.

    The "Taxes. Security. Together." Checklist

    The Summit partners urge the tax community to review these basic security steps this summer. Some tax pros may routinely overlook these checklist items and others need to regularly revisit them. The steps are not only important for tax practitioners, but for taxpayers as well. Everyone has a responsibility to protect sensitive data.

    The "Taxes. Security. Together." Checklist highlights key security features: 

    • Deploy the “Security Six” measures:
      • Activate anti-virus software.
      • Use a firewall.
      • Opt for two-factor authentication when it’s offered.
      • Use backup software/services.
      • Use Drive encryption.
      • Create and secure Virtual Private Networks.
         
    • Create a data security plan:
      • Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data. 
      • The security plan requirement is flexible enough to fit any size of tax preparation firm, from small to large. 
      • Tax professionals are asked to focus on key risk areas such as employee management and training; information systems; and detecting and managing system failures.
         
    • Educate yourself and be alert to key email scams, a frequent risk area involving:
      • Learn about spear phishing emails.
      • Beware ransomware.
         
    • Recognize the signs of client data theft:
      • Clients receive IRS letters about suspicious tax returns in their name.
      • More tax returns filed with a practitioner’s Electronic Filing Identification Number than submitted. 
      • Clients receive tax transcripts they did not request.
         
    • Create a data theft recovery plan including:
      • Contact the local IRS Stakeholder Liaison immediately.
      • Assist the IRS in protecting clients’ accounts.
      • Contract with a cybersecurity expert to help prevent and stop thefts. 

    Security Summit partners/tax professionals urge review

    “The states and our partners have made progress in the fight against tax-related identity theft, but criminals continue to evolve. We cannot let our guard down in this fight because our common enemy is well-funded, technologically skilled and savvy about state and federal tax processes,” said Sharonne Bonardi, president of the Board of Trustees of the Federation of Tax Administrators and Deputy Comptroller in Maryland. “To make this work, we need help from individual tax professionals across the nation.”

    Checklist marks third year of Summit campaigns aimed at tax professional community

    This year’s Tax Security 2.0 effort involving the Security Checklist is the third summer campaign in a row involving the Summit partners. The effort follows feedback and recommendations from the Electronic Tax Administration Advisory Committee (ETAAC) that encouraged the Summit partners to expand and intensify outreach efforts to the tax professional community on identity theft and security issues. 

    This year’s campaign also coincides with this summer’s IRS Nationwide Tax Forums, which will again feature a major focus on security protection for tax professionals. The sessions will provide continuing education credits for sessions led by experts from inside and outside the IRS. The American Coalition for Taxpayer Rights also will again sponsor special sessions with experts from the Pell Center for International Relations and Public Policy at Salve Regina University in Rhode Island. 

    Last year's Summit education effort focused on Protect Your Clients; Protect Yourself: Tax Security 101. In 2017, the campaign highlighted email schemes in Don’t Take the Bait.

    Separate Summit initiatives focus on identity theft awareness for individual taxpayers and consumer alerts for developing tax scams and schemes. 

    Resources available for tax professionals

    Tax professionals also can get help with security recommendations by reviewing IRS Publication 4557, Safeguarding Taxpayer Data (PDF), and Small Business Information Security: the Fundamentals (PDF) by the National Institute of Standards and Technology.

    Publication 5293, Data Security Resource Guide for Tax Professionals (PDF), provides a compilation of data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and social media.

     
    Source: IRS