Tax Related Identity and Data Theft and fraud are serious causes for concern both in and out of the office, which makes education and awareness on the subject crucial.
Cybercrime comes in many forms and uses many different tactics to put valuable data in the hands of hackers and scammers. Often a cybercriminal will simply focus on getting a hold of whatever bits of data they can easily access, whether it be from an individual or from a business. Others, however, will tailor their efforts to extract specific data from a specific target.
Information that can help someone to steal your identity is very lucrative for hackers since this is the type of information they can profit off of quickly and easily thanks to Dark Web marketplaces. This type of theft has become a multi-billion dollar business for cybercriminals, which means these threats won’t be going anywhere anytime soon.
Knowing how to recognize these threats, understanding how they work, and learn how to avoid falling victim to the tricks these hackers rely on to get what they want can help protect you, and protect your business. Here are five quick tips that will help you avoid identity theft.
Tip #1 – Be Cautious Of How You Shop Online
Cybercriminals are motivated by one thing, and one thing only – money. If they can’t sell your information to make a profit, they’ll happily help themselves to your credit card information, banking information, and even the contents of your accounts. They can drain your savings, max out your credit limit, or even open new cards or new accounts under your name for their own use.
One of the easiest ways for a hacker to get their hands on what they’d need to do any of those things is by intercepting your information during an online transaction. You can stop this from happening by being mindful of how and where you make transactions, and by taking care to:
- Avoid using unsecured public Wi-Fi
- Shopping only on familiar and recognizable websites
- Checking for the “lock” icon in your browser’s URL bar before supplying any information to a website
- Navigating directly to websites rather than clicking on pop-ups, ads, or links
- Having an active an up-to-date firewall and antivirus program in place on all devices
- Making use of Two-Factor Authentication to protect your accounts
Tip#2 – Learn To Spot A Phishing Attempt
Phishing scams are nothing new. Criminals have been using the same tactics for many years, adapting techniques used over the phone into highly successful email campaigns. Regardless of the approach they take, the goal remains the same – getting a hold of sensitive information by simply asking you for it.
By posing as financial institutions or the IRS, scammers will send out emails advising targets that their account has been compromised, their password needs to be updated, or important information is missing from their file. By responding to these messages and providing the requested information, you’re handing over everything a hacker needs to steal your money or your identity.
No matter how legitimate these emails may look, no reputable company, institution, organization, or agency will ever request sensitive information via email. Avoid clicking on embedded links in these types of messages and instead go directly to the website, and if you want to follow up with the sender before responding, make sure you use the contact information found on their official site, not what’s provided in the email.
Tip #3 – Know What To Do When A Breach Happens
No matter how cautious you are, there is always a chance that a data breach will happen. If you find yourself in this situation, the first thing you should do is try to verify what information has been compromised. Next, you’ll want to get in touch with your bank and have them put a freeze on your bank accounts and credit cards until you have a better understanding of your situation. If the breach was the fault of a company that you had trusted with your information (think the Equifax breach), be sure to take advantage of any free credit and identity theft monitoring the company is willing to provide.
While some of what needs to be done to rectify the situation might be out of your hands, there are steps you can take to keep things from getting worse. Change the passwords for any website, account, or app associated with the email address that was compromised by the breach, and consider adding Two-Factor Authentication wherever possible if you don’t already have that measure in place.
Tip #4 – Beware Of Social Engineering Scams
Social engineering is a tactic that has made phishing scams even more dangerous than they have been in the past. Instead of relying on generic messages sent out en mass in the hopes that someone will fall for the scam, social engineering uses information a hacker can find online through social media or other public sources to tailor messages to a specific target.
By impersonating a specific individual or entity you would expect to receive an email from and directing their request for information to you specifically, the odds of you responding and providing information are significantly higher. Again, it’s important to remember that no one should ever contact you asking for sensitive information about yourself or your business via email.
Tip #5 – Remember Businesses Can Have Their Identities Stolen, Too
Small businesses can find themselves dealing with identity theft just as easily as an individual can. Today’s cybercriminals are incredibly savvy, exploiting a knowledge of tax codes and financial policies to open business accounts or company credit cards, and even file false tax refunds in order to take your business’ refund for themselves.
The same tactics used to steal your personal identity can be used to steal your business’ identity, but the latter can be a little trickier to spot. Common indicators that your business’ identity has been compromised include tax or financial correspondence suddenly stopping because the thief has changed your address to intercept documents, your e-return being denied because it’s already been filed by someone else, or you receive notices of tax submissions or major transactions that were not made by you or your staff.
Want to learn more about the steps you can take to protect your valuable personal and business data from cybercriminals?