317.735.2946 [email protected]

National Tax Security Awareness Week: Spotting Business Identity Theft

National Tax Security Awareness Week: Spotting Business Identity Theft

Main Street businesses might consider themselves too small to be the target of a business identity theft scam, but the Security Summit says that identity thieves are more than happy to steal their personally identifiable information (PII) in today’s National Tax Security Awareness Week topic.

Just like individual identity theft, criminals use stolen PII to fraudulently apply for business-related financial services and file business tax returns. The latter has become increasingly frequent, leading the Security Summit to increase its educational outreach efforts to business-owning taxpayers. 

What businesses are targeted by identity thieves?

Reports of international retail chains suffering data theft incidents might give the impression that large brands with millions of customers are the only targets that interest cybercriminals, but the Security Summit says that simply isn’t the case.

The reality is that all businesses are a ripe target for identity thieves. Despite not having as much customer information as an international corporation, a smaller business is unlikely to have robust data security systems in place.

Another thing to consider is that an identity theft incident might be part of a full-blown data breach. Any business that maintains customer information—like a retailer with an online storefront—is a ripe target for identity theft scams.

Tax practices in particular can be home to thousands of taxpayers’ PII. Making matters worse, that data is formatted in such a way that successfully impersonating victims on credit card applications is much easier.

What are the signs that my business has been a victim of identity theft?

The first step in mitigating the damage caused by identity theft is confirming that your company’s identity has been stolen.

As the IRS notes in today’s press release, the signs of business identity theft are similar to individual identity theft. Unfortunately, they only tend to pop up when victims try to file a tax return.  

The Summit urges businesses that experience any of the following issues to immediately reach out to the IRS:

  • Extension to file requests are rejected because a tax return with the Employer Identification Number (EIN) or Social Security number (SSN) is already on file.
  • An e-filed return is rejected because of a duplicate EIN or SSN is already on file with the IRS.
  • An unexpected receipt of a tax transcript or IRS notice that doesn’t correspond to anything submitted by the filer.
  • Failure to receive expected and routine correspondence from the IRS because the thief has changed the address.

Business identity theft victims will also want to take the same steps as individuals whose identity has been stolen: contact credit bureaus and apply for credit-monitoring services.

How do tax professionals spot business identity theft?

Tax professionals will immediately spot the reject codes outlined above, but the Security Summit stresses that they should also “step up the ‘trusted customer’ procedures” by asking the following questions:

  • Is this person authorized to sign the return?
  • Were estimated tax payments made?
  • [What is the] total income amount from prior-year filings?
  • Is there a parent company? If yes, the name?
  • [Is there any] additional information based on deductions claimed?
  • [What is your] filing history?

According to the release, the programs tax professionals use to file returns also helps in the fight against identity thieves: “Tax software products now share many data elements with the IRS and state tax agencies. These data elements assist the IRS and states to identify suspicious tax returns and to reduce the impact to legitimate filers … [and] allow legitimate returns to be processed as usual.”

What is the final National Tax Security Awareness Week topic?

On Friday, the Security Summit will address data security plans for financial institutions. As every tax professional knows, having a written data security plan in place is required by law. Tomorrow’s blog will include resources to help tax professionals create and improve those plans.

Source: IR-2019-198 

Story provided by TaxingSubjects.com

National Tax Security Awareness Week: Making Secure Passwords

National Tax Security Awareness Week: Making Secure Passwords

Passwords are a ubiquitous part of life in the Digital Age, but many of us aren’t particularly good at making them. That’s why the Security Summit is highlighting tips for creating strong passwords on the third day of National Tax Security Awareness Week.

The IRS press release opened with a nod to the frenetic nature of the holiday shopping season, a time when taxpayers across the US access online accounts to take advantage of sales. Unfortunately, cybercriminals know that many of those accounts store personally identifiable information (PII) and financial data.  

Considering how often taxpayers save their payment information on retailers’ websites—and just how many of those sites they’re frequently logging into from Thanksgiving to Christmas—it’s painfully obvious why protecting those accounts with a strong, secure password is essential.

How do I create a strong password?

The IRS and Security Summit partners recommend longer, but easy-to-remember passwords that are unique to every online account.

Part of that advice—creating a password that’s easy to remember—may seem at odds with what your third-party webmail accounts recommended a few years ago. Predictably, the shift is directly related to human habits.

“Experts previously suggested something like ‘PXro#)30,’ but now suggest a longer phrase like ‘[email protected],’” the IRS says. “By using a phrase, users don’t have to write down their password and expose it to additional risk. Also, people may be more willing to use strong, longer passwords if it’s a phrase rather than random characters that are harder to remember.”

The rest of the password-creation tips covered account usernames, password storage, and programs designed to help users manage the exponential growth of online account passwords. Here’s the full list from the IRS:

  • Use a minimum of eight characters; longer is better.
  • Use a combination of letters, numbers and symbols in password phrases, i.e., [email protected]
  • Avoid personal information or common passwords; use phrases instead.
  • Change default or temporary passwords that come with accounts or devices.
  • Do not reuse or update passwords. For example, changing Bgood!17 to Bgood!18 is not good enough; use unique usernames and passwords for accounts and devices.
  • Do not use email addresses as usernames if that is an option.
  • Store any password list in a secure location, such as a safe or locked file cabinet.
  • Do not disclose passwords to anyone for any reason.
  • When available, a password manager program can help track passwords for numerous accounts.

From that list, choosing a unique username that’s different from your email address might seem strange, but there are a few reasons for that recommendation:

  1. Knowing an email address gives identity thieves another piece of PII that they can use to build a credible profile for fraudulently applying for loans and credit cards.
  2. Having the email address in hand means being able to start the password recovery process.
  3. Using the same email address and password for everything—including bank account logins—is a pretty common mistake that cybercriminals are more than happy to leverage against victims.

Remember, taking every possible precaution can better protect you from cybercriminals.

Should I use multi-factor authentication to protect my online accounts?

Aside from creating unique passwords and user names, the Security Summit also recommends that taxpayers use multi-factor authentication to protect online accounts. For those who are unfamiliar with the term, multi-factor authentication is any process that adds another step to the account login process.

An account just protected by a password would be considered to have single-factor authentication. Accounts that have another step, like security questions or a code sent via text message that you have to enter during login, would be considered protected by multi-factor authentication.

The IRS says, “The idea behind multi-factor authentication is that a thief may be able to steal usernames and passwords, but it’s highly unlikely they also would have access to the mobile phone to receive a security code or confirmation to actually complete the login process.”

What’s the next topic for National Tax Security Awareness Week?

So far, the Security Summit has covered online shopping safety tips, how to spot phishing scams, and password-creation tips. On Thursday, the Summit will cover how big a business needs to be for cybercriminals to target them.

Source: IR-2019-196 

Story provided by TaxingSubjects.com

National Tax Security Awareness Week: Spotting Phishing Scams

National Tax Security Awareness Week: Spotting Phishing Scams

The second day of National Tax Security Awareness Week saw the Internal Revenue Service spotlight common signs of tax-related identity theft phishing scams.

As one of the most common data-security threats faced by taxpayers and tax professionals alike, phishing scams take many forms. While they can appear as an email, website, phone call, or printed letter, phishing scams tend to use similar tactics—and learning those telltale signs is one way to protect yourself.

Luckily, phishing scam basics is the focus of today’s IRS press release.

What is a phishing scam?

Phishing scams are unsolicited communications from identity thieves who want to trick you into giving them your personally identifiable information (PII) or money. As the IRS points out, “the most common way thieves steal identities is simply by asking for it.”

The basic gimmick is that identity thieves pose as a representative from an organization that you trust, like “a bank, a favorite retailer, or even a tax professional.” Fraudsters wager that you are more likely to believe the request for your Social Security Number is legitimate if it appears to come from the IRS.

What are the signs of a phishing scam?

Phishing scams tend to seem “urgent,” the IRS warns. They do this by making you believe there’s a problem that needs to be solved immediately, like paying your tax bill or updating your account information. But that’s just the hook.

To get victims to provide their PII without thinking twice, scammers tend to ask for it directly or “[instruct] the receiver to open an embedded link or download an attachment.” Links may send you to a compromised website that is designed to trick you into providing you information by filling out a form, and downloaded files can contain malware that tracks what you do on your computer—like what you type when you access your bank account.

What should I do if I receive a phishing email?

If you suspect you have received a phishing email, the IRS says you need to resist the urge to respond. Taxpayers who are more vulnerable to these urgent requests—like a someone who knows he owes money to the IRS—can contact the IRS directly via their official phone number or by “[registering] at the official IRS.gov website and [checking] their account balance.”

Once you’re confident the request is a scam, report the incident to [email protected]. The IRS uses this information to improve their catalogue of phishing scams, which they use to warn taxpayers about the most recent scams making the rounds. After all, it’s harder for fraudsters to trick people who are wise to their schemes.

Should I click links on social media?

Identity thieves have started posting links on social media platforms. Someone who is practices good security habits with their personal and work email might not be as cautious when they see a link on Facebook or Twitter.

The IRS has the following advice: “Do not open links from social media unless you are certain of the source.” That advice extends to every platform where you might encounter a link.

What’s next for National Tax Security Awareness Week?

Tomorrow, the IRS will cover another key aspect of data security: creating secure passwords.

Source: IR-2019-195

Story provided by TaxingSubjects.com

National Tax Security Awareness Week: Online Shopping and PII

National Tax Security Awareness Week: Online Shopping and PII

It’s National Tax Security Awareness Week!

It’s the first day of National Tax Security Awareness Week, and the Security Summit is kicking off the festivities by focusing on the dangers of online shopping.

The Security Summit was founded in 2015 by the Internal Revenue Service, state tax agencies, and private members of the tax industry to help taxpayers and tax professionals protect their data from tax-related identity theft scams.

National Tax Security Awareness Week is one of the Summit’s annual outreach campaigns. From December 2 to December 6, Security Summit partners will post data security tips on their websites and social media, focusing on a different topic each day. Here’s the itinerary revealed by the IRS in mid-November:

  • Day 1: Protect personal and financial information online
  • Day 2: Learn to recognize phishing emails and phone scams
  • Day 3: Create strong passwords to protect online accounts
  • Day 4: Recognize clues of identity theft
  • Day 5: Tax professionals should review their safeguards

Not by accident, the first day of National Tax Security Awareness Week coincides with the start of the holiday shopping season.

IRS Warns Taxpayers about Cyber Monday Grinches

As the IRS notes in today’s press release, Cyber Monday is one of the busiest online shopping days of the year. That means identity thieves will try to take advantage of people who are caught up in the excitement of finding the perfect deal on holiday gifts.

For those not familiar with phishing scams, fraudsters reach out to potential victims via phone, letter, or email, impersonating a trusted source, like a government agency, online retailer, or business contact. While the content of these messages can vary, fraudsters basically want to trick victims into providing personally identifiable information (PII) that can be sold on the Dark Web or used to apply for loans and credit cards.

Since the best security software in the world won’t protect you if you volunteer your PII, it’s absolutely essential that you develop data-security habits when surfing the Internet. That’s where the Security Summit comes in.

To give you an idea of where to start, the Summit put together these online security tips for Day 1 of National Security Awareness Week:

  • Shop at sites where the web address begins “https;” the “s” is for secure communications over the computer network. This is an added layer of protection when sharing credit card numbers for a purchase. Note: scam sites also can use “https,” so shoppers should ensure they are shopping with a legitimate retailer.
  • [Do] not shop on unsecured public Wi-Fi. This helps to prevent thieves from eavesdropping. Instead, use secure home Wi-Fi with a password.
  • Use security software for computers and mobile phones, and keep it updated. Make sure anti-virus software has a feature to stop malware and there is a firewall that can prevent intrusions.
  • [Do] not hand out personal information. Phishing scams, imposter emails, calls and texts are the number one way thieves steal personal data.
  • [Do] not open links or attachments on suspicious emails.
  • Use strong, unique, yet easily remembered passwords are safest for online accounts.
  • Use two-factor authentication whenever possible. Many email providers and social media sites offer this feature to help prevent thieves from easily hacking accounts.
  • Back up files on computers and mobile phones. A cloud service or an external hard drive can be used to copy information from computers or phones.

Tomorrow, the Security Summit will focus on identifying and avoiding phishing scams. Check back with us to get the latest National Tax Security Awareness Week information.

Source: IR-2019-185; IRS Tax Tip 2019-168

Story provided by TaxingSubjects.com

Livestock Owners Reminded of Tax Break Due to Drought

Livestock Owners Reminded of Tax Break Due to Drought

While some parts of the U.S. will be glad to see sunny skies, other areas remain in a drought situation. Parts of the far west, Texas, the south, and Alaska and Hawaii—even parts of Puerto Rico—are dealing with officially declared drought conditions, according to the Department of Agriculture. 

Drought can be a serious economic hardship for farmers and ranchers. Some are forced to sell livestock in order to avoid running out of feed or grassland.  

But the Internal Revenue Service reminds livestock producers that measures are in place to help blunt the economic effects of the current drought. Those forced into early sales of livestock can get extra time to replace their herds and may also have more time to defer any gains from the forced sales.

Here’s how the IRS deferral can work for eligible farmers and ranchers:

  • The one-year extension gives eligible farmers and ranchers until the end of the tax year after the first drought-free year to replace the sold livestock.
     
  • The farmer or rancher must be in an applicable region. An applicable region is a county designated as eligible for federal assistance, as well as counties contiguous to that county.
     
  • The farmer’s county, parish, city or district included in the applicable region must be listed as suffering exceptional, extreme or severe drought conditions by the National Drought Mitigation Center. All or part of 32 states, plus Guam, the U.S. Virgin Islands and the Commonwealths of Puerto Rico and the Northern Mariana Islands, are listed. The list of applicable regions is in Notice 2019-54 on IRS.gov.
     
  • The relief applies to farmers who were affected by drought that happened between Sept. 1, 2018, and Aug. 31, 2019.
     
  • This relief generally applies to capital gains on sales of livestock held for draft, dairy or breeding purposes.
  • Sales of other livestock, such as those raised for slaughter or held for sporting purposes, or poultry are not eligible.
     
  • To qualify, the sales must be due only to drought, flooding or other severe weather causing the region to be designated as eligible for federal assistance.
     
  • Farmers generally must replace the livestock within a four-year period, instead of the usual two-year time frame.
     
  • Because the normal drought sale replacement period is four years, this extension immediately affects drought sales that occurred during 2015. However, because of previous drought-related extensions affecting some of these areas, the replacement periods for some drought sales before 2015 are also affected.

Details of the drought-related tax relief for livestock producers, including a sample of how the provisions work, can be found in IRS Notice 2006-82 on IRS.gov.

Story provided by TaxingSubjects.com

401(k) Contribution Limit Edges Up for 2020

401(k) Contribution Limit Edges Up for 2020

The Internal Revenue Service has released cost-of-living adjustments for tax year 2020, covering dollar limitations for pension plans and other retirement-related items. The changes are covered in IRS Notice 2019-59, now posted on IRS.gov.

Change Highlights

One of the newsworthy adjustments is an increase in the contribution limit for employees participating in 401(k), 403(b), most 457 plans and the federal government’s Thrift Savings Plan. The limit in all these instances is increased from $19,000 to $19,500.

The limit for catch-up contributions in the specified plans for employees age 50 and over is also boosted, from $6,000 to $6,500. Similarly, the limitation for SIMPLE retirement accounts has been boosted to $13,500 from $13,000 for 2020.

Individual Retirement Arrangement Income Ranges Modified

Income ranges for determining a taxpayer’s eligibility to make deductible contributions to a traditional IRA, to a Roth IRA, or to claim the Saver’s Credit, have all been increased.

Taxpayers can deduct contributions to a traditional IRA if they meet certain conditions.

If during the year either the taxpayer or his or her spouse was covered by a retirement plan at work, the deduction may be reduced or phased out until it is eliminated, depending on filing status and income. (If neither the taxpayer nor his or her spouse is covered by a retirement plan at work, the phase-outs of the deduction do not apply.) Phase-out ranges for 2020 are:

  • For single taxpayers covered by a workplace retirement plan, the phase-out range is $65,000 to $75,000, up from $64,000 to $74,000.
  • For married couples filing jointly, where the spouse making the IRA contribution is covered by a workplace retirement plan, the phase-out range is $104,000 to $124,000, up from $103,000 to $123,000.
  • For an IRA contributor who is not covered by a workplace retirement plan and is married to someone who is covered, the deduction is phased out if the couple’s income is between $196,000 and $206,000, up from $193,000 and $203,000.
  • For a married individual filing a separate return who is covered by a workplace retirement plan, the phase-out range is not subject to an annual cost-of-living adjustment and remains $0 to $10,000.

The income phase-out range for taxpayers making contributions to a Roth IRA is $124,000 to $139,000 for singles and heads of household, up from $122,000 to $137,000.

For married couples filing jointly, the income phase-out range is $196,000 to $206,000, up from $193,000 to $203,000.

The phase-out range for a married individual filing a separate return who makes contributions to a Roth IRA is not subject to an annual cost-of-living adjustment and remains $0 to $10,000.

The Saver’s Credit (also known as the Retirement Savings Contributions Credit) for low- and moderate-income workers has an income limit of $65,000 for married couples filing jointly, which is up from the old limit of $64,000. The limit for heads of household was increased to $48,750; up from $48,000. Singles and married taxpayers filing separately will see their income limit increase from $32,000 to $32,500.

Annual contributions to an IRA remain capped at $6,000. The additional catch-up contribution limit for individuals 50 and over is not subject to an annual cost-of-living adjustment and remains at $1,000.

For additional details on retirement-related cost-of-living adjustments, check out IRS Notice 2019-59 posted on IRS.gov.

Story provided by TaxingSubjects.com