 Internal Revenue Service IRS tax news security summit tax pros can help clients battle identity theft risk The security summit battling bad guys just like the Justice League Yeah, or at least they're given advice to tax pros on how to battle the bad guys Honestly tax pros have to be like Batman these days You know that movie the accountant with the account was basically Batman These days, that's like a true story But first an attempt at a joke last month my boss informed me that you need to be more of a team player It's like I just need to be like a team player and I was like, okay boss What position do you want me to play this time? You're the coach and my boss said well this time We need you to play the all-important position of Team scapegoat to blame any problems on a scapegoat or sacrificial lamb and I was like, yeah But I always have to play that position coach Uh-huh, and if I can obtain for you these animals and they're like, yeah Well, you should be proud that you're so good at it. I'm sorry, Appu. I have no choice So I said okay as long as it's for the good of the team boss for the team Marshall for the team At the next regional meeting the CEO said revenue is down in your department. What do you have to say for yourselves? What do you have to say for yourself? The entire team stood up in unison pointed at me proclaiming. It's his fault It's his fault It's tough being a team player these days. I tell you what tough team It's not easy I Are 20 22-151 August 16 2022 Washington The security summit partners today concluded a special summer education campaign by outlining steps tax Professionals can take to help clients from becoming statistics and identity theft related tax fraud scams So in other words to try to help us out to avoid being the victims of tax fraud scams as tax professionals the IRS state tax agencies and the tax industry working together as The security summit there's a link to the security summit here have been combating identity theft since 2015 Seems like I'm not sure they've been the most effective But I think some of the changes in identity theft possibly increases in identity theft possibly more targets of Identity theft to tax professionals are clearly outside the security summits control Part of that might have to do with the Environment that we are in and the responses to things like the pandemic which would has increased the Potential gain for things like fraud for lower income individuals in particular making lower income individuals as well as tax professionals who have multiple This kind of identity information more valuable to tax scammers So that's just kind of part of the environment that we are in that we got to deal with So this is the final part of a five-part summer series Sponsored by the summit partners to highlight critical steps tax professionals can take to protect client data The quote protect your clients protect yourself in quote campaign is an effort to urge tax professionals to secure the computer system and Protect client data following the pandemic and its aftermath So basically there they don't know what to do on the government side of things So they're training us all to be like Batman and so we're all we all have to be you know Batman now So quote identity thieves always seem to find a hook to lure victims and we increasingly Sancti tax professionals as a target given sensitive client data They handle in quotes at IRS commissioner Chuck ready. It's kind of funny how we just kind of say well Due to the fact that tax professionals have sensitive informations They have more and more been a hook Well that something more than that has to have changed because the we have already you know The tax professionals have always had sensitive information and some of the things that might have changed is the environment in terms of the laws Which has make it more advantageous for scammers to scam particularly lower-income individuals due to the changes in things like the tax code and the stimulus payments and basically the You know other changes with refundable credits and that's just again Part part of the changes that are happening that that are obviously going to lead to scams Towards these types of things so quote tax professionals have their hands full taking care of their clients and staying on top of the latest in Professional developments, but they shouldn't overlook the basics of protecting their data and their systems missing these basic steps can be Devastating to a tax pro and their clients But a few common sense steps and being aware of security basics can go a long way to provide Important protection and quote while many be many may be working from home either full or part-time the IRS and security summit partners urge The use of virtual private networks or VPNs to securely conduct business so the VPNs are you know, obviously During this time frame a lot of people kind of decentralized even smaller offices instead of working more in say a Centralized location as you do that you have more nodes of entry from a computer standpoint where people can basically hack in or get Into the system and one way to to safeguard that as you have more of a decentralized network is to use these VPNs So that's something to be aware of so online business commerce and banking should only be done while using a secure browser Connection never at a coffee shop restaurant or other business offering free Wi-Fi So hopefully at this point everybody should know that you know if you're getting free Wi-Fi That is not a place that you want to be you want to be accessing anything That's sensitive financial information for clients for example or for banking information that kind of stuff One way users can tell if they're using a secure browser is by looking for a small lock visible in the lower right corner Or upper left of the web browser window some additional considerations be cautious of email attachments and web links Do not open a link or attachment that arrives unexpectedly Always call the sender to confirm receipt and validity of any unexpected links or attachments before opening now Unfortunately, again the tax professionals usually when we see these fishing scams We typically think of a fishing cam scam kind of as an unsophisticated scam because you look at some of those emails And they're clearly spam, but obviously they're using most of the time They're using this broad-based approach to shotgun pretty like not good looking emails because Part of their scam might be to try to convince people to pay them with like a with like a gift card or something, right? So actually having a not so professional looking email is a way to filter out people that Would not go all the way through with the scam of actually giving them money with like a gift card or something like that But if because of the changes in the law, they might find that it's worthwhile cost-benefit analysis to target Tax professionals because that information that they can get from there might be more valuable these days and instead of shotgunning these kind of These these very transparently spammy emails they might try to make a more targeted effort and make the emails look like a client email for example and Use multiple emails at a targeted fashion and so that's what we're looking at more possibly these days So use separate personal and business computers mobile devices and email accounts This is particularly important for those who may share hardware with other family members Especially children who may not be aware of safety protocols So obviously other people on the network can can give access to your network and now your networks Compromise they'd like to keep your personal network separate from the business network as much as possible Do not send sensitive business information to personal email devices Do not conduct business including online business banking or personal computer or device Likewise do not engage in web surfing gaming or video downloading on business computers or devices Do not share USB drives or external hard drives between personal and business computers or devices again This is something that's quite convenient to be able to do as it as an instructor. I used to You know want to take data from one place to the other but obviously, you know the hard drives Or you know can get infected people can put us put Some something on the hard drive and mess up the whole computer or try to hold it hostage or do whatever they do So never connect an unknown untrusted piece of hardware into the system or network Also, do not insert any unknown CD DVD or USB drive Disable the auto run feature for USB ports and Optical drives on business computers to help prevent malicious programs from being Installed so one way they can install these malicious programs is to try to get them on These thumb drives and then try to get some way that you put the that you'll access the thumb drive again And you would think That wouldn't be the easiest thing to do but they can get quite creative and causing an emergency to help someone out or something And you need to check out something on the thumb drive and whatever so be careful with downloads Do not download software from an unknown web page always exercise caution when freeware or shareware So use strong passwords never give out user names or passwords to others strong passwords consist of random Sequences of letters to include upper and lowercase numbers and special characters So you want to have passwords that you can't possibly remember is the bottom line Ideally passwords should be at least 12 characters long for systems or applications that have sensitive information Use multiple forms of identification multi-factor or dual-factor Authentification so that means you want to get the text message on your phone every time you log into something or something like that Change default passwords Many devices come with default administrative passwords So if you get a default password that you didn't make up Then you want to change that because people might know the default password change them immediately and regularly there after Default passwords are easily found or known by hackers change passwords often every three months is recommended Considered using a password management application to store passwords There's like a last pass and other kind of stuff that could be useful Passwords to devices and applications that contain business information should not be reused So you don't want to use the same password every time Additional resources so you can find additional resources at this exciting stuff So you can feed what you need to be as a tax professional and that's like Batman So in addition receiving IRS publication, we got four five five seven safeguarding taxpayer data There's a link to that here tax professionals can also get help with security recommendations by reviewing Small business information security the fundamentals There's a link to that here by the National Institute of Standards and Technology. You got the IRS identity theft central pages There's a link to that for tax pros individuals and businesses have important details as well You got publication five two nine three data security resource guide for tax professionals providing a compilation of data theft information available on IRS dot gov IRS dot GOV IRS dot GOV So all that cool stuff is here and there'll be a link to this in the description You