IRS Officials Offer Security Tips for Personal Information

The Internal Revenue Service reminds taxpayers to protect their personal, financial and tax information.

They say personal information should be treated like cash and should not be handed out to just anyone. This includes Social Security, credit card, bank and utility account numbers, all of which can be used to steal money or open new accounts. Taxpayers are urged to think about whether requests for personal information are truly necessary, as scammers will do anything possible to appear both trustworthy and legitimate.

IRS officials note the easiest way for criminals to steal sensitive data is simply to ask for it. Taxpayers should learn to recognize phishing emails, calls or texts that pose as familiar organizations such as banks, credit card companies or even the IRS.

Such bogus communications generally urge taxpayers to give up sensitive data like passwords, Social Security numbers and bank account or credit card numbers. They are called phishing scams because they attempt to lure the receiver into taking the bait. The subject line may suggest the recipient just won a free cruise or that they must immediately update an account. Never open a link or an attachment from a suspicious email. It may contain malware.

Also, don’t assume internet advertisements, pop-up ads or emails are from reputable companies. Before doing anything online, check companies to make sure they are legitimate. When online, a little research can save money and reduce security risks. If an ad or offer looks too good to be true, take a moment to check out the company behind it. Type the company or product name into a search engine with terms like “review,” “complaint” or “scam.”

Never download “security” software from a pop-up ad. A pervasive ploy is a pop-up ad that indicates it has detected a virus on the computer. It urges users to download a security software package. Don’t fall for it. It most likely will install some type of malware. Reputable security software companies do not advertise in this manner.

Do not carry Social Security cards or any documents that may include the number with you. Provide Social Security numbers only when necessary, as businesses will occasionally request them when they are not essential.

Personal information should only be shared over encrypted websites. To determine if a website is encrypted, look for “https” at the beginning of the web address. The “s” stands for secure. Keep in mind some websites only use encryption on the sign-in page. If any part of the session isn’t encrypted, the entire account and the included financial information could be vulnerable. Look for “https” on every page of the site.