With the holiday season now in full swing, the period presents a prime opportunity for identity thieves to try stealing personal financial information. People can face risks if they’re shopping online and using publicly accessible Wi-Fi, and fictitious text scams with “smishing” schemes continue during this period.
“With holiday shopping starting and the 2023 tax season quickly approaching, many people will be using laptops and personal devices to share sensitive financial information,” said IRS Acting Commissioner Doug O’Donnell. “In the months ahead, these same devices will be used to complete millions of tax returns by both taxpayers and tax professionals, making the holiday season the perfect time to take steps to protect your valuable information and watch out for scams.”
Formed in 2015, the Security Summit partnership between the IRS, state tax administrators and the tax software and tax professional community have worked together to improve defenses and protect people from tax-related identity theft. As part of that effort, the Summit partners worked to raise taxpayer and tax professional awareness about security issues – not only protecting people from the risk of identity theft but helping protect the nation’s tax system from refund-related fraud.
The Summit partners urged people to take extra care while shopping online or viewing emails and texts, especially during the holiday season when criminals are very active. The Security Summit reminds everyone to stay safe while holiday shopping with the following considerations:
- Shop at sites where the web address begins with “https” – the “s” is for secure communications and look for the “padlock” icon in the browser window.
- Don’t shop on unsecured public Wi-Fi in places like a mall.
- Keep security software for computers, tablets and mobile phones updated.
- Protect the devices of family members, including young children, older adults as well as less technologically savvy users.
- Make sure anti-virus software for computers has a feature to stop malware, and that there is a firewall enabled that can prevent intrusions.
- Use strong and unique passwords for online accounts.
- Use multi-factor authentication whenever possible. It helps prevent thieves from easily hacking accounts.
The IRS also reminds people about advice from the Federal Trade Commission to never buy anything from online sellers that accept payment only by gift cards, money transfers through companies like Western Union or MoneyGram or cryptocurrency. Payments you make that way are nearly impossible to trace and reverse. Scammers often tell people to use those payment methods so they can get money quickly.
Additionally, the IRS warned taxpayers of a recent increase in IRS-themed texting scams aimed at stealing personal and financial information. During 2022, the IRS identified and reported thousands of fraudulent domains tied to multiple MMS/SMS/text scams (known as smishing) targeting taxpayers.
Smishing campaigns target mobile phone users, and the scam messages often look like they’re coming from the IRS, offering lures like fake COVID relief, tax credits or help setting up an IRS online account. Recipients of these IRS-related scams can report them to [email protected].
Stolen data can be used to file fraudulent tax returns that make it more difficult for the IRS and the states to detect because the fraudulent returns use real financial information. Other data thieves sell the basic tax preparer or taxpayer information on the web so other fraudsters can try filing fraudulent tax returns.
Given the rise of texting scams, taxpayers can check out security recommendations for their specific mobile phone by reviewing the Federal Communications Commission’s Smartphone Security Checker. Since phones are used for shopping and even for doing taxes, remember to make sure phones and tablets are just as secure as computers.
_ _ _