IRS, Security Summit partners announce 8th annual National Tax Security Awareness week begins Nov. 27; focus on raising awareness among taxpayers, tax pros on security tips to protect against identity theft, scams
IR-2023-218, Nov. 17, 2023, WASHINGTON – The Internal Revenue Service, along with its Security Summit partners in state tax agencies and the nation’s tax industry, today announced a special week focusing taxpayer and tax professional awareness on protecting sensitive financial information against identity thieves as the holidays and the 2024 tax season approach.
The 8th annual National Tax Security Awareness Week takes place this year from Nov. 27 – Dec. 1, marking an annual campaign by the Security Summit, a coalition of the IRS, state tax administrators, tax software companies, the tax professional community and others in the larger tax community. The group formed in 2015 to combat tax-related identity theft through better public-private sector coordination as well as strengthening internal protections and raising awareness about security threats.
With the holiday shopping season underway and tax season fast approaching, the Security Summit partners are alerting taxpayers and tax professionals to take extra steps to protect their financial and tax information during this critical period. During the holiday season, people face the heightened risk of identity theft as criminals ramp up efforts to trick people into sharing sensitive personal information including through email, text message and social media. Identity thieves can use the information to try filing false tax returns and stealing refunds.
“This security week highlights ways for taxpayers and tax professionals to protect themselves against rapidly evolving identity theft schemes to steal tax and other financial data,” said IRS Commissioner Danny Werfel. “The Security Summit effort is an innovative way that the IRS, the states and the private-sector tax industry work together to protect taxpayers and the tax community. Protecting taxpayers is an important priority for the IRS, and the National Tax Security Awareness Week provides helpful information to taxpayers to help us in the ongoing battle against identity thieves.”
To help combat this threat, the Summit partner’s National Tax Security Awareness Week features a week-long series of educational efforts to educate and inform taxpayers and tax professionals on how to defend against identity theft and other scams. The campaign includes:
- Daily press releases during the week of Nov. 27 highlighting specific National Tax Security Awareness issues that can protect taxpayers and tax professionals form evolving identity theft and tax schemes.
- Social media awareness on X (formerly Twitter), Facebook, Instagram and YouTube. Follow @IRSTaxSecurity, @IRSnewsand #TaxSecurity on X for the latest information.
- Special educational materials, including e-posters and IRS publications, will also be available for use by Summit partners and others interested in sharing information.
- A special webinar for tax professionals will be held on Nov. 30 “Developing a Written Information Security Plan.” The Written Information Security Planor WISP is a 28-page, easy-to-understand document developed by and for tax and industry professionals to keep customer and business information safe and secure.
The IRS and Summit partners are focused on combating identity thieves and their increasingly sophisticated scams. Identity thieves often impersonate the IRS and others in the tax community using fake emails, texts and online scams. These schemes frequently use recent tragedies or imitate charitable groups to coax people into sharing sensitive financial data, which can lead to tax-related identity theft.
“The Security Summit has made incredible strides to protect taxpayers across the nation, but identity thieves continue to evolve,” said Peter Barca, who serves as the Federation of Tax Administrators Board of Trustees president and Wisconsin Department of Revenue secretary. “We encourage taxpayers, businesses and tax professionals to remain on guard against these threats, and the information in National Tax Security Awareness Week can help.”
A key tool in identifying and defending against these scams is the Identity Theft Information Sharing and Analysis Center (ISAC) developed by IRS and Security Summit partners to better identify and coordinate against fraudsters. As the group has strengthened defenses inside the tax system to spot emerging scams, identity thieves continue to look for ways to obtain sensitive personal financial information to file fraudulent tax returns. That has made tax professionals, whose business it is to have valuable tax information, a key target for scam artists.
“Even with all of the success made by the Security Summit to protect taxpayers and the tax system from identity thieves, more work remains to be done. Consumers and tax professionals play an important role in this effort; protecting their important information will also help the Security Summit partners in the battle against identity theft,” said Julie Magee, one of the original participants in the Security Summit and Tax Regulatory Affairs Lead for Cash App Taxes.
With International Fraud Awareness Week wrapping up this week, the Security Summit partners remind taxpayers that the awareness effort is a year-round effort in the tax community. The special National Tax Security Awareness Week that begins Nov. 27 provides extra awareness for taxpayers as the holidays and the 2024 tax season approach. Highlights this year include:
National Tax Security Awareness Week 2023 highlights
Cyber Monday: Online Safety
The IRS and the Security Summit partners remind people to take these basic steps when shopping online:
- Use anti-virus software with anti-malware; ensure it includes a firewall to prevent intrusions.
- Use strong and unique passwords for all accounts.
- Use multi-factor authentication whenever possible.
- Shop only secure websites with the padlock icon and “https” in the web address.
- Don’t shop on unsecured or public Wi-Fi.
Tips for tax professionals to protect their clients, including special Nov. 30 webinar planned
As identity thieves continue targeting tax professionals, the IRS and the Summit partners urge practitioners to review the “Taxes-Security-Together” Checklist, including:
- Use multi-factor authentication to protect tax software accounts.
- Use a Virtual Private Network if working remotely.
- Create a written data security plan as required by federal law.
- The IRS also reminds the tax community that the Federal Trade Commission this summer updated their safeguards standards and now requires tax professionals to use multi-factor authentication to protect client information.
- Know about phishing and phone scams, including “spearphishing” schemes where identity thieves pose as new clients in messages to tax professionals.
- Create data security and data theft recovery plans.
- The tax professional part of the week will also be highlighted by the special 10:30 a.m. ET webinar on Nov. 30. The IRS and Jared Ballew, one of the Summit members who helped develop the WISP, will conduct the session. Ballew serves as Vice President of Government Relations at Taxwell, representing Drake Software and TaxAct. He conducted special IRS Nationwide Tax Forum sessions this summer to standing-room-only audiences.
“These security plans provide valuable tips and information to help tax pros develop an effective plan that’s appropriate for their business,” Ballew said. “The Security Summit partners continue to urge tax pros to make sure they have a strong security plan in place, and the WISP is a great place to start for many practices.”
Identity theft / IRS IP PIN program
Taxpayers who can verify their identities online may opt into the IRS Identity Protection PIN program – a tool taxpayers can use to protect themselves – and their tax refund from identity thieves. Here’s what taxpayers need to know:
- The IP PIN is a six-digit code known only to the individual and the IRS. It provides another layer of protection for taxpayers’ Social Security numbers on tax returns.
- Use the Get an Identity Protection PIN (IP PIN) tool at IRS.gov/ippin to immediately get an IP PIN.
- Never share the IP PIN with anyone but a trusted tax provider.
Help for tax professionals, small businesses
Most cyberattacks are aimed at small businesses with fewer than 100 employees. To help this important group, the Security Summit offers some important information during National Tax Security Awareness Week, including:
- Learn about best security practices for small businesses.
- A Business Identity Theft Affidavit, Form 14039-B, is available for businesses to report theft to the IRS.
- Beware of various scams, especially the W-2 scam that attempts to steal employee income information.
- Check out the “Business” section on IRS’ Identity Theft Central.
Earlier this year, the Summit’s Protect Your Clients; Protect Yourself campaign encouraged tax professionals to focus on fundamentals and to watch out for emerging vulnerabilities for those practitioners. The effort also reminded tax professionals about important resources available for tax professionals.
Additional resources for taxpayers, businesses
In addition to reviewing IRS Publication 4557, Safeguarding Taxpayer Data, tax professionals can also get help with security recommendations by reviewing Small Business Information Security: The Fundamentals, by the National Institute of Standards and Technology.
The IRS Identity Theft Central pages for tax pros, individuals and businesses have important details as well.
The IRS and Security Summit partners also share YouTube videos on security steps for taxpayers. The videos can be viewed or downloaded at Easy Steps to Protect Your Computer and Phone and Security Measures Help Protect Against Tax-Related Identity Theft.
Employers can share Publication 4524, Security Awareness for Taxpayers, with their employees and customers, and tax professionals can share with clients.