Open Season for Tax Identity Thieves!

Open Season for Tax Identity Thieves!

Open season for Tax Identity Thieves is in full swing.  They are ready for you to procrastinate, to hold off on doing your taxes because they are ready to do it for you. 

Tax identity theft occurs when the bad guy uses your Social Security Number (SSN) to file a fake tax return and collect your refund.  You are unlikely to find out about it until you attempt to file your real tax return and it is rejected by the IRS as a duplicate.  The fraudulent use of your SSN means you also may be at risk for other types of identity theft. 

What to do.
  • Beat them to it and file your taxes as early as possible to ensure you do not become a victim.  This is extremely important if you know your information has been part of any one of the data breaches over the years or if you have had your identity stolen in the past already. 
  • Protect your Social Security Number whenever possible.  You are often asked for your SSN on forms but it is not always necessary.  Do not provide your SSN unless it is absolutely needed.
  • Beware of SCAMS.  Lookout for Government imposters threatening fines, arrest or cancellation of your SSN if you do not pay them immediately.  They will usually ask you to pay with a gift card or prepaid debit card. If you pay them, you will never see your money again.  Some scammers will ask you to confirm your identity by providing your SSN, again, do not. Remember, the IRS will contact you first by mail.  Additionally, the IRS will never email you, send you a text or contact you on a social network.
  • Secure your network.  If you are filing electronically, use a secure, password-protected network or Virtual Private Network (VPN) connection to do so.  You can also mail your returns directly from the Post Office, do not put them in your personal mailbox with the flag up!
  • Know your tax person!  If you are using someone to prepare your taxes, you must go through your due diligence before you hand over your Personally Identifiable Information, (PII). 
What if it happens to me? 
  1. First, contact the IRS as soon as you can.   Keep careful documentation of everything and stay in touch with the IRS until the issue is resolved. 
  2. Second, file a complaint with the Federal Trade Commission.
  3. Third, file a complaint with the local police department. 
  4. Fourth, put a fraud alert on your credit file with all three credit bureaus.
    It is an open hunting season for identity thieves but we don’t have to be deer in headlights, take these steps and mitigate your risk.   

Hunting season for Tax Identity Thieves is in full swing and its time to know your rights:  PDF HERE 

If you don’t want to fight this fight alone, get identity theft protection and mitigate your risks with monitoring, cover your losses with insurance and ensure peace of mind with a place to turn with full-service recovery experts.  Read more about identity theft protection here:  14 features of Identity Theft Protection Monitoring and the Most Important Feature!






43% of Breaches Affect Small Businesses

43% of Breaches Affect Small Businesses

In the recently released 2019 Verizon Data Breach Investigations Report (DBIR), Verizon found that 43% of breaches affect small businesses and that a third (32%) of breaches involved phishing, a form of social engineering.

Verizon built this report upon the analysis of 41,686 security incidents and 2,013 confirmed data breaches, the Verizon DBIR digs into the overall threat landscape, the actors, actions, and assets that are present in breaches.

The 2019 Verizon Data Breach Investigations Report (DBIR) Key Takeaways (please see here) highlights 12 key takeaways including:


  1. Financial gain remains the most common motivate behind data breaches (71%)
  2. 43% of breaches affect small businesses
  3. Phishing Phunny!A third (32%) of breaches involved phishing
  4. The nation-state threat is increasing, with 23% of breaches by nation-state actors
  5. More than half (56%) of data breaches took months or longer to discover
  6. Ransomware remains a major threat and is the second most common type of malware reported
  7. Criminals increasingly target Business Executives with social engineering attacks.
  8. Crypto-mining malware accounts for less than 5% of data breaches, despite the publicity it didn’t make the top ten malware listed in the report
  9. Espionage is a key motivation behind a quarter of data breaches
  10. 60 million records breached due to misconfigured cloud service buckets
  11. Continued reduction in payment card point of sale breaches
  12. The hacktivist threat remains low, the increase in the DBIR 2012 report appears to be a one-off spike

An interesting takeaway:

Cyber attackers target the network, where executives are “six times more likely to be a target of social engineering than they were only a year ago; and, C-level executives are 12 times more likely to be the target.”

This means that Business Email Compromises (BEC) are proving successful for ID theft criminals and cyber thieves.

Verizon stated that BEC breaches represented 248 (18%) confirmed breaches out of the 2,013 confirmed data breaches. In addition, Risk-Based Security recently announced the release of its Q1 2019 Data Breach QuickView Report highlighting how over 1,900 data breach events — exposing over 1.9 billion records — were reported in the first three months on 2019.

According to Risk Based Security, “no other first quarter has seen this level of activity, putting 2019 on pace to be yet another ‘worst year on record’ for the number of publicly reported breaches.”

The report found “that 67.6% of records compromised in Q1 were due to exposure of sensitive data on the Internet.”

If you are a small business, considering Identity Theft Protection as an Employee Benefit or a breach readiness and response program is worth considering!


Enjoy this blog? Please spread the word :)