Slideshow 10 Tips for Fighting Tax-Related ID Theft

  • May 05 2016, 4:21pm EDT
11 Images Total

A growing problem

Tax-related identity theft is shaping up to be the No. 1 concern this tax season – the Internal Revenue Service even had to temporarily shut down a tool it offers victims of ID theft, because apparently ID thieves had wormed their way into it.

With that in mind, VPN service provider NordVPN offered these timely tips on staying safe during tax time.

You can see a text version of this story here.

1. When is a Web site not a Web site?

When it’s a “spoofed” site -– one that’s designed to mimic an official site, so that victims can be lured into divulging private information through it. Often scammers send an e-mail asking users to verify personal information, with a convenient link to the spoofed site.

These sites can often be spotted through their URLs, which may bear no resemblance to that of the organization they purport to come from. For instance, the IRS Web site is, not

Content Continues Below

2. If it sounds too good to be true … it is

Ignore Web sites, e-mails and tax preparers who promote inflated tax refunds. Refunds should be based on the taxpayer’s tax situation, not the marketing claims of the tax preparer, and many of those offering inflated returns are actually fronts for ID theft operations, or unscrupulous preparers who inflate client refunds through illegal deductions (and often skim most of the inflated refund off themselves).

3. Hang up!

The IRS never initiates contact with taxpayers over the phone. The original scam here was to call taxpayers and threaten them with prison time if they didn’t immediately pay a (non-existent) tax debt; this year it has been refined to ID thieves claiming to be IRS agents who only need to verify a few pieces of data to process the taxpayer’s return … .

4. Information is precious

Sensitive personal information needs to be protected, particularly when being transmitted. Take the necessary precautions when giving info out online – check the security levels of the sites you’re visiting, and use technology like private client portals, e-mail encryption, and virtual private networks where appropriate.

Content Continues Below

5. The password is …

A weak password on even the least-important-seeming account can lead fraudsters to the sort of information that allows them to unlock other accounts or steal an identity outright. Taxpayers should regularly change their passwords, and use strong passwords that aren’t easy to guess.

6. Perils in public

Public Wi-Fi is great – but not for any kind of sensitive personal information, and definitely not for filing taxes.

7. Social criminals

It’s remarkable how much information ID thieves can gather from social media to populate a bogus return. Change social media settings to “Private” or otherwise make them inaccessible to strangers.

Content Continues Below

8. Keep it secret; keep it safe

Don’t leave old tax return information and other sensitive data lying around on a hard drive; encrypt it and store it somewhere secure.

9. Alert the team.

The biggest security bug in any system is people, whether at a business or in a family. Educating everyone who has access to a system that includes private information -- from children and spouses to employees and partners – is critical.

10. Don’t let your guard down

The end of tax season doesn’t mean the end of the threat. Taxpayers need to remain vigilant about securely sharing information, storing it safely, not giving it away in social media or other public fora, and otherwise staying on top of their identity – to make sure someone else doesn’t borrow it.