This is the time of year when personal, tax-related information is prepared and forwarded as part of the tax filing process – thereby putting much sensitive data potentially at risk of loss and theft. I tend to agree with those who believe that most American taxpayers now are careful to properly shred their paperwork with sensitive information before disposing of it. However, given the huge proliferation of criminal schemes and high-tech scams designed to pilfer and misuse the personal information of millions of victims, it’s very clear that shredding alone is not nearly enough to protect our personal identity and funds.The Official Identity Theft Prevention Handbook: Everyone's Identity Has Already Been Stolen - Learn What You Can Do About It
Mountain View, CA -based WatchDox is a privately held firm that’s in business to protect its clients’ electronic information by enabling secure document sharing and collaboration, inside and outside of organizations. Earlier this month, WatchDox published and made available on their website handy tips to help taxpayers protect their identity and prevent data loss during tax season. What follows is the WatchDox list of precautions to take when preparing and filing sensitive tax returns – tips that also had been made available at the www.SecurityProducts website:
Be wary of phishing scams. The IRS reported in 2008 that it had received a total of 33,000 scam e-mails over the years, all of which were forwarded by taxpayers. Those e-mails, the agency said, represent 1,500 different schemes. The IRS does not use e-mail to communicate with taxpayers. If a message shows up in your inbox purporting to be from the IRS, it is almost certainly a scam.
Protect your personally identifiable information (PII). Tax forms, by necessity, contain PII that could be valuable to identity thieves. If someone requests your Social Security or bank account numbers over the phone or via e-mail, decline to share that data.
Determine whether your PC is one of the 60 percent of machines in the country infected by malware. Malicious software makes its way onto personal computers via e-mail and the Internet. These Trojan horses, viruses, worms and other unwanted programs can put data at risk. Ensure computers are malware-free by keeping anti-virus software updated, using a personal firewall, and making sure to act sensibly. Don’t open attachments unless they are absolutely necessary and come from trusted sources. Don’t surf unknown websites, and don’t download suspicious applications from the Internet.
Use e-mail with caution. E-mail is not a secure way of sending sensitive documents. If you must use it, make sure your e-mail provider uses secure sockets layer (SSL). Look for the “https://” prefix in the address bar.
Protect your documents. You can encrypt your documents using Winzip or other tools, or use even stronger services that deliver protection, control and tracking of your documents even after they have been sent. Keep in mind that unprotected documents can leak even after they arrive at their destination.
“This season is a boon to identity thieves, who are eager to take advantage of taxpayers who share personal and sensitive data over insecure channels,” said Adi Ruppin, Vice President of Marketing and Business Development of WatchDox. “With some common sense and simple technology solutions, individuals can easily protect their documents and file their taxes securely.”
And because most of us will be making copies of our tax returns at some point during tax season, it’s important to remember that most office copy machines are equipped with a hard drive that stores images of every document that has been scanned, faxed and/or printed. The images are often retained until the disk fills and the oldest data is overwritten. And when the office machine’s lease is up, all of the archived data goes out the door along with the copier.
So what can we do to protect our sensitive data and ourselves from identity theft when using copiers? Here are a few tips for good copier security:
- If you have a scanner and printer at home that can serve as a copier, use that device to copy your sensitive paperwork. Avoid copying personal information on work or public machines, especially if you have no control over how those machines are administered.
- If you're leasing a machine, discuss end of life security with your service provider to ensure that all copy machine hard drives will be completely erased when the machine(s) is removed.
- The other alternative is to destroy or erase the disk(s) yourself before selling the machine or allowing it to be removed from your workplace.
- Some copiers have privacy and security software available. Sharp and Xerox, for example, can overwrite images so that they don't remain on the hard drive after the print job finishes. Discuss these features with your vendor and implement appropriate security policies.
And finally, be careful what you copy! It is absolutely essential that particularly sensitive material not fall into the wrong hands, don’t leave behind an image that can be pilfered days, weeks or even months later!