The holidays are the prime season for criminals shopping for credit card numbers, financial account information, Social Security numbers and other sensitive data that could help them file a fraudulent tax return.
The Internal Revenue Service recommended this week that anyone who has an online presence should take seven simple steps that could go a long way to protect their identity and personal information.
Cybercriminals seek to turn stolen data into quick cash, either by draining financial accounts, charging credit cards, creating new credit accounts or using stolen identities to file a fraudulent tax return for a refund.
During the current online holiday shopping season, the IRS, along with state tax agencies and the tax community, partners in the Security Summit, are marking "National Tax Security Awareness Week," Nov. 27 to Dec.1, with reminders to taxpayers and tax professionals.
In addition to its specific recommendations for online security, the IRS says people can take a couple of additional steps several times a year to make sure they have not become an identity theft victim.
One is to receive a yearly free credit report from each of the three major credit bureaus, and check it for any unfamiliar credit changes.
Another is to create a "My Social Security" account online with the Social Security Administration on which users can see how much income is attributed to their SSN. This can help determine whether someone else is using the SSN for employment purposes.
The IRS suggests that people visit the "Taxes. Security. Together." awareness campaign or review IRS Publication 4524, Security Awareness for Taxpayers to see what can be done to protect themselves online.
Following are the IRS's seven steps to help with online safety and protect tax returns and refunds in 2018.
1. Shop at Familiar Online Retailers
The IRS notes that sites using the "s" designation in "https" at the start of the URL are generally secure. Users should look for the "lock" icon in the browser's URL bar. But the agency also cautions users to be wary: bad actors can obtain a security certificate, so the "s" may not vouch for the site's legitimacy.
2. Avoid Unprotected Wi-Fi
Unprotected public Wi-Fi hotspots may allow thieves to view transactions. The IRS advises users not to engage in online financial transactions if they are using unprotected public Wi-Fi. They should also beware purchases at unfamiliar sites or clicks on links from pop-up ads.
3. Learn to Recognize and Avoid Phishing Emails