The number of people filing their taxes online continues to grow, especially from personal computers as consumers use tools like Intuit’s TurboTax and other filing software options.
But as that trend increases, so does the upward tick of security breaches and chances for hackers to gain your personal information. It’s now second nature to check websites for secure payment options when purchasing items from online retailers, but it takes a few other measures to ensure that cyber criminals aren’t leeching precious personal data during tax season, including social security numbers and financial information.
Despite the fact that about 81% of tax filers in the United States plan to submit their tax forms online this year, security gaps continue to put social security numbers and other crucial personal information at risk. And though some of the blame lies with corporations carelessly protecting consumer data, tax season is the best time for consumers to become — and stay — proactive about securing their online identity.
More than 1 billion records containing personally identifying information (PII) have been exposed to hackers and identity thieves in the past decade, according to Adam Levin, Credit.com chairman and co-founder. Anthem, the second largest health care provider in the nation, announced in early February it had fallen prey to hackers who breached the company’s database and gained access to social security numbers, birth dates, and other identifying information. And that’s just one of several in a string of high-profile hacks in recent years, which catapulted it to the national spotlight in President Barack Obama’s State of the Union speech this year.
“And tonight, I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft, and protect our children’s information. If we don’t act, we’ll leave our nation and our economy vulnerable,” Obama said during the January 20 speech.
Even tax filing giants like Intuit’s TurboTax haven’t been immune to suspicious activity: Though the company wasn’t breached, it did suspend state tax filings in early February because of suspected fraudulent tax filings using TurboTax software. Forbes noted that at least 18 states suspected fraudulent activity, and Minnesota stopped accepting filings from TurboTax altogether.
About 91% of online tax filers take care to use secure networks and computers with up-to-date anti-virus protections, according to a survey conducted by Experian. But about 16% of those polled by the credit reporting bureau don’t realize the risks of potential identity theft through tax filings, and 50% aren’t familiar with the IRS program that assigns PIN numbers to cut back on fraudulent tax filings.
“Tax filers are obvious targets for identity thieves since money can be made filing false returns or by stealing the information off of tax documents to commit identity theft,” said Becky Frost, senior manager of consumer education for Experian’s ProtectMyID. Fighting identity theft through tax filings is one of the main priorities for the IRS, but media relations specialist Anabel Marquez encouraged taxpayers to be proactive and take steps to prevent the theft before data thieves attempt to cash in with fake tax returns.
Security breaches could become a third certainty behind death and taxes, as Levin at Credit.com points out. But Levin and several others also provide tips for consumers to take data security into their own hands.
The IRS began a program in 2011 that assigns unique 6-digit PIN numbers to taxpayers who have had their identities stolen, or who may be at risk for a stolen identity. The PIN is required on all tax return documents and ensures that the correct person is filing for their refund. The IRS also began a pilot in January 2014 that gave the opportunity for tax filers in the District of Columbia, Florida and Georgia to sign up for a PIN, even if they weren’t victims of identity theft. Though the program isn’t open to the entire public yet, the IRS assigned 1.2 million PIN numbers in 2014, up from 770,000 in 2013.
Though obtaining a PIN is a good idea if you suspect you’ve been a victim of identity theft, there are other tips that Experian and other sources suggest.
1. Research any tax-preparer software. Numerous fake sites will gladly take your personal information, so make sure that the sites boast proper authentication. TurboTax, for instance, gives a list of ways it protects your information, including using bank-level encryptions and multiple channels of authentication before allowing people to access your filings.
2. Only use a computer with updated anti-virus software, a firewall and a password.
3. Don’t respond to emails, text messages or social media requests from someone posing as the IRS. The organization says it doesn’t initiate contact with consumers in these ways, especially to discuss financial and personal information. Those types of contacts should be reported to email@example.com.
4. When possible, check your credit score and monitor lines of credit opened in your name. Many credit card companies, including Capital One and Discover, offer this on a monthly basis. And in cases of suspected identity theft, the Federal Trade Commission provides information about how to set up fraud alerts with the three credit reporting agencies to monitor activity more closely.
5. For the more extreme at heart, financial adviser Kiplinger suggests claiming more tax allowances, so that take-home pay is higher and tax withholding drops. That can be a balance to make sure you won’t owe money come the next tax season, and Kiplinger suggests filling out a W-4 worksheet to see which allowances you qualify for and trying their tax withholding calculator. By having the amount of allowances match your estimated tax refund, Kiplinger writes that there won’t be a need to file for the return at all.
Though these tips are common sense, the biggest enemy is our own desire for convenience. “We live in a very connected world where convenience continues to trump security – often in the name of innovation,” Levin writes. So every time you save a password in an app and use public Wi-Fi to view financial documents, you put yourself at risk. It’s one thing to have your bank account at your fingertips. But it’s quite another to have that information, and mountains of other tax-related data, at the fingertips of other people who would rather see your money go to their bank accounts.
So though it should absolutely be the responsibility of tax preparers and online filing sites to protect your information, the ultimate responsibility lies with you to keep your refund, and your personal information. Don’t leave your W-2 in your mailbox, and don’t file online using Starbuck’s Wi-Fi.