multi-factor authentication | Nesteggg Accounting

Yes, it is the busy season for tax preparers. But that is all the more reason to be careful. The IRS and its Security Summit partners today called on tax professionals and taxpayers to use the free, multi-factor authentication feature being offered on tax preparation software products.

Protect yourself and your clients against Identity Theft

Already, nearly two dozen tax practitioner firms have reported data thefts to the IRS this year. Use of the multi-factor authentication feature is a free and easy way to protect clients and practitioners’ offices from data thefts. Tax software providers also offer free multi-factor authentication protections on their Do-It-Yourself products for taxpayers.

“The IRS, state tax agencies and the private-sector tax industry have worked together as the Security Summit to make sure the multi-factor authentication feature is available to practitioners and taxpayers alike,” said Kenneth Corbin, Commissioner of the IRS Wage and Investment division. “The multi-factor authentication feature is simple to set up and easy to use. Using it may just save you from the financial pain and frustration of identity theft.”

Multi-factor authentication means returning users must enter their username/password credentials plus another data point that only they know, such as a security code sent to their mobile phone. For example, thieves may steal passwords but will be unable to access the software accounts without the mobile phones to receive the security codes.

Multi-factor authentication protections are now commonly offered by financial institutions, email providers and social media platforms to protect online accounts. Users should always opt for multi-factor authentication when it is offered but especially with tax software products because of the sensitive data held in the software or online accounts.

The IRS reminded tax professionals to beware of phishing scams that are commonly used by thieves to gain control of their computers. Thieves may claim to be a potential client, a cloud storage provider, a tax software provider or even the IRS in their effort to trick tax professionals to download attachments or open links. These scams often have an urgent message, implying there are issues with the tax professionals’ accounts that need immediate attention.

The IRS also reminds tax professionals that they can track the number of returns filed with their Electronic Filing Identification Number (EFIN) on a weekly basis. This helps ensure EFINS are not being misused. Simply go to e-Services, access the EFIN application and select EFIN status to see a weekly total of returns filed using the EFIN. If there are excessive returns, contact the IRS immediately.

Taxpayers can learn more about identity theft and how to protect themselves at Identity Theft Central on IRS.gov.

Tax professionals can learn more about protecting data, signs of theft or reporting data thefts Identity Theft Information for Tax Professionals. Also, Publication 4557, Safeguarding Taxpayer Data, provides a comprehensive overview of steps to protect computer systems and client data.

Follow these tips to protect data when shopping online

The IRS reminds holiday shoppers to protect their tax and financial data from identity thieves. All it takes is a few extra steps to prevent cybercriminals from stealing sensitive data, such as financial account information, Social Security numbers, and credit card information. Thieves could use this data to file a fraudulent tax return in 2019.

This tip is part of National Tax Security Awareness Week. The IRS is partnering with state tax agencies and its partners in the Security Summit to remind to taxpayers and tax professionals about the importance of protecting data.

Cybercriminals want to turn stolen data into quick cash. They do this by draining financial accounts, charging credit cards, creating new credit accounts or even using stolen identities to file a fraudulent tax return for a refund.

Here are seven steps taxpayers can follow to help protect their accounts and their money:

Avoid unprotected Wi-Fi. Unprotected public Wi-Fi hotspots may allow thieves to view transactions.
Shop at familiar online retailers. Generally, sites using the “s” designation in “https” at the start of the URL are secure. User can also look for the “lock” icon in the browser’s URL bar. That said, some thieves can get a security certificate, so the “s” may not always vouch for the site’s legitimacy. Beware of purchases at unfamiliar sites or clicks on links from pop-up ads.
Learn to recognize and avoid phishing emails. Thieves send these emails, posing as a trusted source, such a financial institution. or the IRS. The criminal’s goal is to entice users to open a link or attachment. The link may take users to a fake website that will steal usernames and passwords. An attachment may download malware that tracks keystrokes.
Keep a clean machine. This applies to computers, phones and tablets. Taxpayers should use security software to protect against malware that may steal data and viruses that may damage files.
Use passwords that are strong, long and unique. Experts suggest a minimum of 10 characters but longer is better. People should also avoid using a specific word in the password. They should also use a combination of letters, numbers and special characters.
Use multi-factor authentication when available. This means users may need a security code, usually sent as a text from a financial institution or email provider to a mobile phone. People use this code in addition to usernames and passwords.
Encrypt and password-protect sensitive data. If keeping financial records, tax returns or any personally identifiable information on computers, this data should be encrypted and protected by a strong password.

Use Multi-Factor Authentication the IRS Urges

Follow these tips to protect data when shopping online

Stay Connected

Get in Touch

constant contact