(co-author: Rebecah Huang)
Cybercriminals pose a threat year-round, but the risks of your personal and sensitive information being stolen around this time of year increase significantly with tax related scams. As April 15th approaches, keep the following best practices in mind.
- One way to actively reduce risk is to file your taxes early. This prevents others from filing as you, in an attempt to steal your refund.
- Familiarize yourself with genuine Internal Revenue Service (IRS) communications. A common tactic used by criminals is impersonation, and this can be very convincing over the phone or email. Remember that phone numbers and email addresses can be spoofed, and that the IRS will never threaten you or demand immediate payment. For more information, see: How to know it’s really the IRS calling or knocking on your door.
- Make sure your passwords are secure. Use long passwords/passphrases with at least 14 characters; they should be lengthy but easy for you to remember. Remember, do not share your passwords and do not use the same password for multiple accounts as scammers will attempt to use a stolen password on multiple accounts.
- Always use multi-factor authentication (MFA) on all available accounts as a further layer of protection whenever available. This will require authentication via a device that you possess. For information on NYU MFA, please visit: nyu.edu/it/mfa
Use a secure virtual private network (VPN) whenever you are accessing or transmitting your personal/sensitive information. NYU provides secure access to the campus network with NYU VPN.
The most common IRS scams are phone and email phishing scams. If you encounter a tax scam or phishing attempt, you can report it to the FTC (reportfraud.ftc.gov) or IRS (phishing@irs.gov)
Resources:
- IRS Tax Security 2.0 – A “Taxes-Security-Together” Checklist
- NCSA + IRS STAY SAFE ONLINE DURING TAX TIME
- 7 Tips to Keep Client Data Safe During this Work-from-Home Tax Season