Best practices for businesses to stay safe online this tax season

April 20, 2021 | Rupesh Chokshi

It’s tax time again. Typically, the deadline for federal tax filing in the United States is April 15, but this year the deadline has been extended to May 17, 2021. However, if you think your business will be receiving a refund, the IRS encourages you to file as early as possible.

Filing taxes can be stressful. Adding to the potential stress is the increasing tax scams out there and the ongoing battle to keep your company data protected and secure.

But staying safe online when filing taxes does not have to be stressful.

We’ve come up with some tips and suggestions to help and have organized them into three categories: how to secure your device, best practices when online, and how to work with your tax preparer or accountant.

security tips for taxes graphic

Your device

Whether it’s your smartphone, tablet or desktop, you’ll want to provide that the device you use to file taxes is as secure as possible.

The first step involves passwords. Not only should your password be more of a pass phrase (like 2dogswalkingInthe^^park), but the password you use for anything concerning taxes should be completely different from passwords used for other accounts. Sure, remembering different passwords for separate logins is difficult, but password managers can be very helpful, for tax season and for regular password management.

Next, it’s highly recommended to use multi-factor authentication (MFA). If you’re doing online banking, you’re probably familiar with MFA, which provides an additional layer of security by sending you a unique one-time code via email or text message. Most online tax services offer this optional, but more secure and recommended, method of authentication.

Securely logging in is only the beginning. Before you even log in and start using any tax-related software, you’ll need to make sure that all the software is up to date—not just the tax software but the operating system as well, whether that’s Windows, iOS, Android, or Mac OS. Running the latest version of the software means any security issues will be addressed and up to date, and that system performance is optimized.

When it comes to devices, the final piece of the security puzzle is where you are when you file your taxes. Especially when such confidential and sensitive information is being transferred over the internet, a secure network is crucial. If at all possible, avoid using public wi-fi. If you must use public wi-fi, ensure that you’re using a VPN.

Your online behavior

Tax season can be stressful, and when we’re stressed, it’s much harder to be vigilant about our online behavior and security. But how you react to messages and people online will play a key role in keeping secure.

Perhaps the most important takeaway of this entire article is this: never provide sensitive information to anyone online, over text, or over the phone unless you can verify they the person or agency on the other end is legitimate.

Whenever you receive a call, text, or email that asks you to provide valuable financial or personal information, it is most likely a scam. By providing this data to thieves, you may lose money or even your identity.

Always be suspicious.

But how can you tell if it’s a scam?

If the message claims to be from the Internal Revenue Service (IRS), know that the first method of contact for the IRS is carried out through the U.S. Postal Service. Only if you’ve responded in some way to their communication through physical mail will they follow up with a phone call.

Plus, The IRS will never insist that payment must be made to anyone other than the U.S. Treasury.

Be especially skeptical of calls claiming to be from federal agencies that use what may appear to be a legitimate caller ID. Many of these calls are scams. If you’re not sure, always verify. Calling the agency directly is always helpful.

Beware of scare tactics and threats of urgency to solicit sensitive data like your Social Security Number (SSN), taxpayer ID, bank account, or login information. If a message contains an attachment, unless you can verify that the sender is legitimate, do not open it and delete the message.

If you believe any email or message is suspicious, report it to phishing@irs.gov.

Third parties

When your company’s confidential information is provided to third parties, that data is only as secure as the person or company handling it.

Your tax information is a treasure trove of valuable data for cybercriminals. The tax preparer or accountant you choose to work with should take that security seriously, so it’s in your best interest to invest time to determine if the tax preparer is cyber-savvy.

Be selective, and don’t be shy to ask questions like who has access to your data, how files are exchanged, where and how files are stored, and what type of security and/or encryption does the preparer use.

When sending sensitive documents, it’s usually best to avoid email. However, in today’s socially distanced world, in-person delivery may not be as easy. Regular U.S. Mail aka snail mail is a sensible option.

However, if email is the most efficient solution, security is more critical. Files and emails should be encrypted whenever possible. Encryption secures the data as it travels over the internet by providing it can’t be read by anyone other than the intended recipient. Even if it’s just an Excel spreadsheet, at the very least, you should encrypt the file with a password.

Finally, and this tip cannot be stressed enough, make sure you back up your files. If you or the third party happens to lose the data or is victimized by ransomware, you’ll have another copy. If possible, try to keep one copy of your very sensitive data (like taxes) in a separate physical location. 

More resources

The IRS has several additional guides to help you stay safe at tax time:

Tax Security 2.0 – A "Taxes-Security-Together" Checklist

Tax Scams and Consumer Alerts

Security Summit

Ultimately, tax time isn’t the only time you need to stay safe online and protect your sensitive information and data. At AT&T, your security is our top priority.

Rupesh Chokshi

About the Author: Rupesh Chokshi

Rupesh Chokshi is an innovative leader with a strategic focus on growth in global telecommunications and technology. He leads the Cybersecurity portfolio and is responsible for developing and executing the commercial strategies to drive revenue and market share. These include product and supplier management, marketing and demand generation, and the enablement of AT&T’s sales resources in positioning AT&T Cybersecurity services and solutions to help make an organization’s network more resilient, and safer for them to innovate. Rupesh’s responsibilities also include managing AT&T Alien Labs, the threat intelligence unit of AT&T Cybersecurity.

Read more posts from Rupesh Chokshi ›

‹ BACK TO ALL BLOGS

Get the latest security news in your inbox.

Subscribe via email

RSS

Get price Free trial