Stop Unemployment Benefits Fraud Find information for employees and employers in Identity Theft and Unemployment Benefits. Identity theft is a serious threat to business, partnership, estate and trust filers. Thieves may steal sensitive information to file a fraudulent tax return for a refund or to commit other crimes. All taxpayers must be alert and on guard at all times. It is important to take strong security measures to protect your business' and your employees' data. Know the Signs of Identity Theft Be alert to possible business identity theft if: You can't e-file a return because one was already filed with the same EIN or SSN. You get a rejection notice for a routine extension to file request because a return with duplicate EIN or SSN is already on file. You receive an unexpected tax transcript or IRS notice that doesn't match anything submitted. You receive a Letter 6042C or 5263C from us. You don't receive expected or routine correspondence from the IRS because the business address has been changed. Report Suspected Identity Theft or Data Loss Report suspected identity theft by submitting an affidavit Report identity theft on our business help line Report a suspected business data security breach Report a Form W-2 email scam involving employee data Protect Your Business and Prevent Data Loss Take the strongest actions possible to safeguard your systems and data. Here are recommendations: Take Basic Steps Protect your business data with these basic steps: Install anti-malware/anti-virus security software with automatic updates enabled on all devices: Laptops, desktops, routers, tablets and phones Deploy firewall protections on your network Use responsible passwords with: At least eight characters (longer is better) Special and alphanumeric characters Passphrases instead of passwords Unique passwords for each account Protection on wireless devices A password manager Choose multi-factor authentication when available Encrypt sensitive files and emails with strong password protection. Back up sensitive data to a secure, external source not connected to your network. Destroy old computer hard drives and printers that contain sensitive data. Limit access to personal data only to individuals who need to know. Enter personal data only on secure sites with web addresses that begin with "https." Follow a Data Security Plan Creating and maintaining a data security plan is key. If you can afford it, contact a cybersecurity consultant. If not, find help in IRS Publication 4557, Safeguarding Taxpayer Data PDF or in one of these guides: Start with Security: A Guide for Business from the Federal Trade Commission Small Business Information Security – The Fundamentals PDF from the National Institute of Standards and Technology Educate Your Employees You can help employees protect themselves and your business with information about data security. Share the Taxpayer Guide to Identity Theft and Publication 4524, Security Awareness for Taxpayers PDF . Provide employees with basic data security information and practices. For example: Beware of phishing emails, the most common tactic used to steal data Do not respond to suspicious or unknown emails. If the email is IRS-related, forward it to phishing@irs.gov. Never open or download attachments from unknown senders, even potential clients. Verify the email is authentic by calling them. Only email documents that are password-protected and encrypted. Use separate personal and business email accounts. Protect your email accounts with strong passwords and two-factor authentication, if available. Keep EINs Current and Safe It is important that all entities with an Employer Identification Number (EIN) keep the number safe and the application up-to-date with accurate responsible party and contact information. Update your EIN with Form 8822-B PDF . How We Protect Business Filers The IRS, state tax agencies and the tax industry work in coordination as the Security Summit to protect taxpayer data. Our program includes safeguards that identify suspicious returns. When we identify a business-related return that is potentially fraudulent, we issue a letter to the taxpayer seeking additional information before processing the tax return. Common letters are: Letter 6042C if we need information to validate the return Letter 5263C if we need information to validate the entity Please respond immediately to IRS correspondence. The IRS also asks tax professionals preparing business-related returns to answer a series of questions to help authenticate the validity of the business return. Tax preparation software for business-related returns also asks these questions. We never: Initiate contact with taxpayers by email, text or social media to request personal or financial information Call taxpayers with threats of lawsuits or arrests Call, email or text to request taxpayer Identity Protection Pins Resources 发布稿 4557,《保护纳税人数据》(英文) 发布稿 5293,《数据安全资源指南》(英文) 发布稿 5199,《报税人身份盗窃指南》(英文) NIST 的《小企业信息安全--基本原则》(英文) 身份盗窃中心