Cyber Monday traditionally closes out the busiest holiday shopping weekend of the year, which sees Americans swarming stores and crawling websites for post-Thanksgiving sales. Despite predictions of fewer in-person shoppers and eye-popping deals, there’s no doubt that consumers want to get the best bang for their buck.
Unfortunately, that laser-like focus puts Americans at risk of falling victim to the myriad phishing scams deployed this time of year. After all, people are even more likely to click on unsolicited sale emails and web ads when they’re desperately trying to track down The Perfect Gift™.
To help combat these holiday scams, the Security Summit is kicking off this year’s National Tax Security Awareness Week with ten tips for keeping your information out of criminals’ hands on Cyber Monday (and beyond).
What is the Security Summit?
The Security Summit is an organization composed of the Internal Revenue Service, state departments of revenue, and private members of the tax industry. They provide data-security recommendations and raise awareness of tax-based scams and threats.
What is National Tax Security Awareness Week?
National Tax Security Awareness Week is the Summit’s annual data security awareness campaign. For six years, they have promoted data security tips and highlighted phishing scams in an effort to combat identity theft tax refund fraud and other online data theft crimes.
How do I safely shop on Cyber Monday?
The Summit recommends taxpayers do these ten things to prevent data theft:
- Don’t forget to use security software for computers, tablets and mobile phones – and keep it updated. Protect electronic devices of family members, especially teens and young children.
- Make sure anti-virus software for computers has a feature to stop malware, and there is a firewall enabled that can prevent intrusions.
- Phishing scams – like imposter emails, calls and texts — are the No. 1 way thieves steal personal data. Don’t open links or attachments on suspicious emails. This year, fraud scams related to COVID-19, Economic Impact Payments and other tax law changes are common.
- Use strong and unique passwords for online accounts. Use a phrase or series of words that can be easily remembered or use a password manager.
- Use multi-factor authentication whenever possible. Many email providers and social media sites offer this feature. It helps prevent thieves from easily hacking accounts.
- Shop at sites where the web address begins with “https” – the “s” is for secure communications over the computer network. Also, look for the “padlock” icon in the browser window.
- Don’t shop on unsecured public Wi-Fi in places like a mall. Remember, thieves can eavesdrop.
- At home, secure home Wi-Fi with a password. With more homes connected to the web, secured systems become more important, from wireless printers, wireless door locks to wireless thermometers. These can be access points for identity thieves.
- Back up files on computers and mobile phones. A cloud service or an external hard drive can be used to copy information from computers or phones – providing an important place to recover financial or tax data.
- Working from home? Consider creating a virtual private network (VPN) to securely connect to your workplace.
While many of these tips are straightforward, two can be a little trickier to follow: knowing how to deal with phishing scams and getting a reputable VPN.
When it comes to avoiding phishing scams, here are three general tips:
- Don’t open unsolicited emails or social media messages.
- Don’t click links in emails, social media messages, or website ads.
- Don’t assume the sender name on emails and social media messages is who actually sent the message—criminals can and will impersonate or take over individual and business accounts.
Remember, if something seems too good to be true, it probably is. Instead of following links in emails or social messages, visit the company’s website directly.
As for finding a VPN that’s a good fit for your office, check out the “Working Virtually: Use a virtual private network to secure remote locations; Part 3 of Security Summit tips for tax professionals” press release.
Where can I find additional data-security resources?
The IRS closed their press release with links to the following resources:
What will the Security Summit cover next?
Tomorrow, the Security Summit has tips for avoiding fake charity scams—just in time for Giving Tuesday!