Tax Tip 2019-122, September 5, 2019 Tax professionals and their employees can take steps to help prevent thieves from stealing sensitive data. Cybercriminals use phishing emails and malware to gain control of computer systems or to steal usernames and passwords. Here are some simple steps that tax pros and their employees can take to protect their clients’ data. They should: Use separate personal and business email accounts. Protect email accounts with strong passwords and two-factor authentication if available. Install an anti-phishing tool bar to help identify known phishing sites. Use anti-phishing tools that are included in security software products. Use security software to help protect systems from malware and scan emails for viruses. Never open or download attachments from unknown senders, including potential clients. They should instead make contact first by phone. Send only password-protected and encrypted documents when files must be shared with clients over email. Not respond to suspicious or unknown emails. Forward scams that are related to the IRS to phishing@irs.gov. All tax professionals should remember they must have a written data security plan. This is required by the Federal Trade Commission and its Safeguards Rule. More information: Publication 4557, Safeguarding Taxpayer Data PDF Small Business Information Security: The Fundamentals PDFby the National Institute of Standards and Technology. Publication 5293, Data Security Resource Guide for Tax Professionals PDF Subscribe to IRS Tax Tips
