IR-2024-283, Oct. 28, 2024 WASHINGTON — As National Cybersecurity Awareness Month concludes and preparation for next tax season begins, the Internal Revenue Service and its Security Summit partners today reminded taxpayers to be wary of online threats like identity theft and fraud. Whether shopping online or browsing social media, people unfamiliar with online security could be putting themselves at risk. Lax online behavior can open the door to swindlers eager to swipe people’s personal information and leave themselves vulnerable to tax-related identity theft. The IRS and Security Summit alert taxpayers to remain vigilant and to teach children and teens how to recognize and avoid online scams to minimize their chances of falling prey or unwittingly exposing their families to identity theft and tax fraud. The public-private sector partnership encourages everyone to be aware of the many security vulnerabilities they face online and to review a wide range of resources available to them as October’s National Cybersecurity Awareness Month draws to a close. Members of the Security Summit – a coalition that includes tax software and financial companies, tax professionals, state tax administrators and the IRS – also offer multiple online safety recommendations to protect taxpayers from tax-related identity theft. Online safety tips Options to help protect against cybersecurity attacks include: Recognize scams and report phishing. It’s important to remember that the IRS does not use unsolicited email and social media to discuss personal tax issues, such as those involving tax refunds, payments or tax bills. Don't reply, open any attachments or click any links. To report phishing, send the full email headers or forward the email as is to phishing@irs.gov; do not forward screenshots or scanned images of emails because this removes valuable information. Then delete the email. Protect personal information. Refrain from revealing too much personal information online. Birthdates, addresses, age and financial information, such as bank accounts and Social Security numbers, are among things that should not be shared freely. Encrypt sensitive files such as tax records stored on computers. Use strong passwords. Consider using a password manager to store passwords. Enable multi-factor authentication (MFA). Use this for extra security on online accounts. Use and update computer and phone software. Enable automatic updates to install critical security updates, including anti-virus and firewall protections. Use a VPN. Criminals can intercept personal information on insecure public Wi-Fi networks. Individuals are encouraged to always use a virtual private network (VPN) when connecting to public Wi-Fi.