Summary:
Tax season can very well be the most stressful time during the fiscal year for companies and individuals. Number crunching and expense reporting often calculates to equate numerous cups of water and several large aspirin. But beware; this annual financial anxiety can easily become a lifetime of grief when a few simple details are overlooked to meet this year’s April 17th deadline. Your completed 1040 and documents sent to your CPA can become a cyber-criminal’s next meal ticket.
_____________________________
Taxes are completed in many different ways. Some of the more popular methods include hiring a tax professional or using Do-It-Yourself software to file your own taxes. Though these methods have proven to be successful, not all have been proven to protect your tax information. Whichever option you choose, just remember that each method comes wrapped in its very own invisible, yellow caution tape.
Hiring an Accountant
Hiring outside help to do the number crunching may assist you in completing your taxes in an accurate and timely manner. Unfortunately, doing so may leave you at risk for identity theft if you haven’t thoroughly researched your CPA or tax preparation firm. Keep in mind that you are potentially giving your financial advisor more than enough information for identity theft to occur. “Trust but verify….Do some background research before committing to your tax professional” (1) to avoid being scammed.
Outsourcing: CPAs need Extra Help Too
If you find your accountant to be trustworthy, then you will most likely communicate with them several times over the course of your tax preparation. And now email and the internet have allowed a number of busy tax preparation firms to acquire Business Process Outsourcing companies (BPOs) to pick up the slack during tax season.
Financial BPOs operate in countries from India to the former Soviet Union and provide CPAs extra, temporary staff to assist in meeting tax deadlines. Most people don’t ever realize that their tax forms cross international borders; it’s worth asking your CPA if he or she uses an outsourced agency.
While many overseas financial BPOs have credible and long-established connections to their United States counterparts, some means of data transfer could open your lives up to data thieves. Email makes it easy for CPAs to connect with their outsource firms, but email also opens those client files up for identity fraud if outbound email containing sensitive information is sent unprotected.
Email at any step between the accounting firm’s home office and the outsource firm can be intercepted in a number of ways (2):
• Interception of your wireless signal If you use an unencrypted wireless to log-on the internet or your local server, your computer’s contents including email are naked for all the world to read.
• Access to an email account is stolen: Once an outsider has gained access to yours or your CPA’s email account, they not only have access to all of your messages, but also those message attachments and your contacts.
• Insider leaks and redistributing sensitive content: The Ponemon Institute's "Survey on Data Security Breaches" reveals that 69% of all serious data leaks occur as a result of employee activities, whether intentional or unintentional. Researching your accountant’s firm and their outsourcing partner’s data policies can lessen your ID theft risk.
A quality accounting firm will have few security holes where your personal financial information can escape.
Emailing your Accountant or the IRS
What if you have questions for your CPA? Play it safe, if you have a last minute tax question, phone conversations should always be encouraged over email. If you do have to email, make sure you and your accountant use encryption software to keep clients’ tax information safe and well guarded during and after information transfer.
Filing Taxes Online with Do-It-Yourself Software
Taxes don’t always require a professional to get the job done right. Many taxpayers have found their tax remedy in “Do-It-Yourself” software; the most infamous one being TurboTax. Statistics show that 50% of people file their returns online (3) and according to the TurboTax website, 25% of these people did so with TurboTax. They guarantee that your information will be encrypted with the same level of security used in the Department of Defense.
While it’s up for debate whether the Department of Defense uses top-notch security or not, risk can be found anytime any information is submitted online. If your computer houses a virus that logs keystrokes, then no Department of Defense encryption will save you.
In another instance, a TurboTax user in Nebraska was able to access tax returns filed by others around the world with the same last name as hers (4). Had the TurboTax customer been a criminal or less honest, the accidental discovery could have been a cyber criminal’s gold mine!
Technological advances may have enabled companies to control how information is protected online through the use of secure sites, but the behavior of the internet is not always predictable.
Additional Tips For a Scam-free Tax Season
Options on how to go about filing your taxes are endless. The key to selecting the best method for you is to be aware of any security weaknesses and knowing where your tax information travels. Other necessary precautions to take during tax season are: (5)
• Shred any duplicates of sensitive information you don’t need
• Make sure your anti-virus software and firewall are updated
• Make it your business to know about the latest tax scams
• Monitor your mail and bank accounts closely
• Check the identity fraud policies of your bank(s) and credit card companies to make sure you get the best coverage if your identity is stolen
• Call the IRS a few days after sending in your tax returns to make sure they arrived safely, and also to make sure there were no duplicates sent in by an identity thief
• Never answer emails from the IRS, according to their website, “[the] IRS does not initiate communication with taxpayers through
e-mail. If you do receive this type of request, it may be an attempt from identity thieves to get your private tax information.” (6) If you happen to come across and phony emails or websites, please forward them onto phishing@irs.gov.
Practicing all of these will contribute to a safe and secure tax season, especially if you’re waiting for the last minute to get them in. Hopefully, these tips will counteract the otherwise hasty decisions that would have been made during the rush to make the deadline.
Whether you’re a do-it-yourself TurboTaxer or choose to hire an accountant, having your tax forms used in ID theft is one stress Americans don’t need this tax season. With a little extra research and care, protecting yourself from tax ID theft can be an added bonus on top of a generous refund.
______________________________
End Notes:
1.) Abbey, Alan. “Prevent Identity Theft at Tax Season.” SeekingAlpha. 6 April 2007 http://soundmoneytips.com/article/31063?source=feed
2.) Price, Zach & Veniegas, Marilee. “Steal This Email!” Essential Security Software, Inc.http://www.essentialsecurity.com/news.htm?id=39
3.) “Privacy Tips for Tax Season”. Privacy Rights Clearinghouse. 7 March 2007 http://www.privacyrights.org/ar/taxseason.htm
4.) “Woman Finds TurboTax Flaw Opening Other People's Tax Returns.” KSDK-TV 5, St Louis, MO. 9 April 2007 http://www.ksdk.com/news/news_article.aspx?storyid=116428
5.) “Don't Get Scammed at Tax Time.” TrustedID. https://www.trustedid.com/html/identity_theft_protection_resource_019.php
6.) Internal Revenue Service (IRS) “Identity Theft and Your Tax Records,” accessed 11, April 2007. http://www.irs.gov/individuals/article/0,,id=136324,00.html
7.) This year, 2007, the U.S. Income Tax Deadline falls on Tuesday, April 17th.
________________________________
About the Authors:
Marilee Veniegas and Veronica Mun are employees in the Marketing Department at
Essential Security Software, Inc., based in Bellevue, WA. Leading providers of award-winning email anti-theft software, Essential Taceo(R). They are also contributors to their company blog, I Want My ESS! and promotions site, The ESS Hub.
