The IRS concluded its special summer series with important reminders to tax professionals and taxpayers to protect themselves against Identity theft.

The reminders for tax professionals and taxpayers to reduce identity theft risk are:

• Be cautious of email attachments and web links. Do not open a link or attachment that arrives unexpectedly. Many scammers can imitate legitimate businesses, taxpayer clients and government agencies, including the IRS. If in doubt about something you receive, independently contact the sender to confirm receipt and the validity of any unexpected links or attachments before opening.
• Do not send sensitive business information to personal email devices. Do not conduct business, including online business banking, on a personal computer or device. Likewise, do not engage in web surfing, gaming or video downloading on business computers or devices. All of these can add to security risks.
• Do not share USB drives or external hard drives between personal and business computers or devices. Never connect an unknown/untrusted piece of hardware to the tax pro’s system or network. Also do not insert any unknown CD/DVD or USB drives. Disable the “Autorun” feature for USB ports and optical drives on business computers to help prevent malicious programs from being installed.
• Be careful with downloads. Do not download software from an unknown web page. Always exercise caution with freeware or shareware.
• Use strong passwords. Never give out usernames or passwords to others. Strong passwords consist of a random sequence of upper and lower-case letters that include numbers and special characters. Ideally, passwords should be at least 14 characters long. For systems or applications that have sensitive information, use multiple forms of identification (multifactor or dual-factor authentication).
• Change default passwords. Many devices come with default administrative passwords. Change them immediately and regularly thereafter. Default passwords are easily found or known by hackers.
• Change passwords often. Every three months is recommended. Consider using a password management application to store passwords. Passwords to devices and applications that contain business information should not be reused.

Tax professionals and Taxpayers working from home either full- or part-time are urged to use the following to protect themselves from identity theft risk:

• virtual private networks, or VPNs, to securely conduct business, a step that can reduce the threat of data loss.
• caution with online business/commerce and banking. This should only be done while using a secure browser connection and never at a coffee shop, restaurant, or other business offering ‘free’ Wi-Fi.
• separate personal and business computers, mobile devices, and email accounts. This is particularly important for those who may share hardware with other family members, especially children, who may not be aware of safety protocols.

Is your CPA helping and protecting you and your business from identity theft