Don’t Take the Bait; Avoid Phishing and Malware to Protect Your Personal Data
IRS Security Awareness Tax Tip Number 2, November 30, 2015 Español
“Update your account now.” “You just won a cruise!” “The IRS has a refund waiting for you.”
In the cyber world of phishing, the sentences are “bait” – lures from emails, telephone calls and texts all designed to separate you from your cash, your passwords, your social security number or your very identity.
The IRS has teamed up with state revenue departments and the tax industry to make sure you understand the dangers to your personal and financial data. Taxes. Security. Together. Working in partnership with you, we can make a difference.
No doubt you’ve heard that warning to beware of phishing many times. But, phishing remains a problem because it works. Cybercriminals on a daily basis concoct new ways to trick people into turning over cash or sensitive data that can affect your taxes.
When it comes to this type of crime, the main line of defense is not technology, it is you.
Criminals pose as a person or organization you trust and/or recognize. They may hack a friend’s email account and send mass emails under their name. They may pose as your bank, credit card company or tax software provider. Or, they may pose as a state, local or federal agency such as the Internal Revenue Service or a state agency. Criminals go to great lengths to create websites that appear legitimate but contain phony log-in pages.
Just remember: No legitimate organization – not your bank, not your tax software company, not the IRS – will ever ask for sensitive information through unsecured methods such as emails. And the IRS never sends unsolicited emails or makes calls with threats of lawsuits or jail.
Scam emails and websites also can infect your computer with malware without you even knowing it. The malware can give the criminal access to your device, enabling them to access all your sensitive files or track your keyboard strokes, exposing login information.
Here are a few simple steps you can take to protect yourself:
- Avoid suspicious phishing emails that appear to be from the IRS or other companies; do not click on the links- go directly to their websites instead.
- Beware of phishing scams asking you to update or verify your accounts.
- To avoid malware, don’t open attachments in emails unless you know who sent it and what it contains.
- Download and install software only from websites you know and trust.
- Use security software to block pop-up ads, which can contain viruses.
- Ensure your family understands safe online and computer habits.
Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on IRS.gov.
Additional IRS Resources:
- IRS Commissioner Koskinen's Statement on the Security Summit Group Public Awareness Campaign
- Report Phishing and Online Scams
- IR-2015-129, IRS, States and Tax Industry Announce New Steps to Help Public to Protect Personal Tax Data
- Fact Sheet 2015-23, IRS, States and Industry Partners Provide Update on Collaborative Fight Against Tax-Related Identity Theft
- IRS and Partner Statements on the October 2015 Security Summit Meeting
IRS YouTube Video: