Every year, millions of us are due refunds from the IRS. Unfortunately, scammers know this, and it’s not too difficult to file a fraudulent tax return and snatch your refund. All they really need is your Social Security number, and those have become ridiculously easy for many hackers to obtain. In fact, it’s often not the hacker himself who files the fraudulent return, but crooks who purchase lists of names and Social Security numbers from the hacker.

Often thieves don’t even need Social Security numbers; they just call unsuspecting individuals, pretend to be conducting official business of some sort, and request the number over the phone. You’d be surprised how often this works!

The fact that you can sell a list of names and Social Security numbers on the black market is a pretty big incentive for those with a little bit of hacking know-how. Of course that also means that you, as a business owner, have an important responsibility to your customers and any other companies with whom you do business. If your data storage system contains Social Security numbers or tax information (especially if you own a CPA firm), you’re a prime target for hackers and identity thieves. They view your network and database as a gold mine!

A data breach could cause financial hardship and stress for your clients, not to mention a public relations nightmare and potential fines or penalties for you… But what can you do? Actually, there are three steps that you can take to ward off hackers who might be snooping around this tax season.

Educate your clientele. If you store customer information in your system, such as names and telephone numbers, make sure your clients know exactly what to expect from you in terms of communication.  If you never request private information via email or phone, then let your clients know.  This way, if they do get a call or an email from a scammer claiming to be from your firm, they will know not to respond or to contact you first.  Let them know that they need to be careful of links in emails.

Consider cyber risk insurance. Many businesses are protecting themselves with cyber risk insurance, which covers the cost of reparations you could be ordered to make to defrauded customers. Unfortunately, cyber insurance can’t do much to repair a ruined business reputation, so you shouldn’t rely upon it alone to protect your business.

Use Encrypted Email. This is the big one. If you’re storing sensitive customer information and sending it via email, you absolutely must secure your network against hacking attempts. Encrypted email is a simple way to protect yourself and your clients.

Give us a call at 888-RING-MY-TECH. We can check your network for vulnerabilities and make suggestions to help you secure it.