Every tax season, scammers and fraudsters try to gain access to our personal data at a higher rate than other times of the year. Whether through fraudulent emails, fake phone calls, or hacking into computer or connected systems, it seems like there is a never-ending stream of attacks in the news. It’s more important than ever to recognize the signs of a scam, avoid falling victim to it, and how to better protect your personal and financial information.
You should also be aware of where fraud happens, which is what this blog post is all about.
What do thieves want with my personal information, anyway?
Gaining access to someone’s personal information is a lucrative business for fraudsters. Every piece of personal information, from someone’s name, address, email, social security number, bank account, and more can be sold on the black market. And some data is worth more than others; these days, a social security number or credit card number on their own aren’t worth much – maybe one or five dollars – but a bundle of information, online account log-ins, and passports can make a bad actor a lot of money.
Phishing is done through emails by getting recipients to click on fake links, which open up their computer, and perhaps their whole computer system, to hacks. Emails often look legitimate, and more sophisticated phishing attacks are being sent from real people you know; for example, your boss or another executive, seemingly asking for account credentials. It’s best to follow up in person with these types of requests, just to make sure they’re real.
ID Theft happens when thieves gain access to your personal information, tax returns, and/or credit card data, either through third party hacks or by infiltrating your computer. One way to protect yourself is to be aware when you’re logged onto public Wi-Fi, and avoid logging into your bank account, for example, unless you’re on a private network.
Tax ID Theft happens when a thief steals your social security number and name, and files a false tax return. Usually, they attempt to claim excessive deductions to get a large refund. These types of fraud cases rely on you filing your taxes late in the season, so they get to the IRS first. It can take months to resolve.
Point of Sale attacks happen where you shop and use your credit or debit card. Hackers can either target these vendors remotely and attempt to gain access to thousands or millions of records at once, or they can attempt to set up a card skimmer and capture as many credit cards as possible until the hack is detected.
Ransomware is a higher-level type of fraud that takes down an entire computer network, website, or backs up access to accounts. The hacker threatens to release confidential information unless the company pays a ransom. Individual taxpayers aren’t likely to encounter this type of fraud directly, unless it’s through their workplace.
Ddos attacks target connected networks, like the Ring home doorbell system or baby monitors linked through the internet. The rise of the Internet of Things, where our thermostats, garage doors, lights, and even home security are tied into each other, has also given rise to hackers targeting and taking down these systems.
There are so many ways that fraudsters can access our personal data, so it’s important to maintain extremely strong passwords – avoid using common names or dates that would be easy to hack. Also get in the habit of checking your credit and FICO score regularly so you can be alerted of any sudden change. If you’re unsure about an email, always call the sender personally to follow up, and remember that the IRS will never demand money over the phone or through an email; if you are the subject of a real audit or investigation, you will get a letter.
In our next post, we’ll discuss how small businesses are more frequent targets of fraud, and how you or your small business can better protect yourself against tax fraud and identity theft. In the meantime, if you have any questions about tax scams or implementing better security processes in your business, contact Naden/Lean today.