Americans at risk of identity theft as they file their tax returns
As we move into the tax return season a new study reveals that attitudes to identity theft and a pattern of poor practices are leaving much of the public vulnerable.
Data security and ID theft protection company CyberScout has carried out its second annual Tax Season Risk Report and finds 58 percent of Americans are not worried about tax fraud in spite of federal reports of 787,000 confirmed identity theft returns in 2016, totaling more than $4 billion in potential fraud.
Among other findings are that only 35 percent of taxpayers demand that their preparers use two-factor authentication to protect their clients' personal information. Less than a fifth (18 percent) use an encrypted USB drive to save important documents like tax worksheets, W-2s, 1099s or 1040s. And another 38 percent either store tax documents on their computer’s hard drive or in the cloud, approaches that are susceptible to a variety of hacks.
More than half (57 percent) of consumers will file their returns in March, April or later, giving tax fraudsters time to impersonate them online and steal their refunds. Half of all taxpayers who use a tax service weren't sure how to evaluate them, chose someone online or didn't screen them beforehand, leaving them vulnerable to scams.
"In order to reduce the risk of becoming a tax identity theft victim, consumers need to follow the 3Ms: Minimize their risk of exposure, Monitor your accounts and your personal identity, and know how to Manage the damage," says Adam Levin, founder and chairman of CyberScout. "If the worst happens, victims of identity theft should turn to organizations they trust, including their insurance provider, financial services institution, or the HR department of their employer, who offer low-cost or free cyber protection services to protect and restore stolen identities."
Taxpayers and their tax preparers can help to protect themselves by visiting the federal web site on tax scam alerts to find out about the current scams and cyber-attacks.