Cybersecurity for Tax Professionals
Karen Brehmer, IRS Stakeholder Liaison
August 2018
Agenda
• What do hackers want?
• How do they get in?
• What you can do to prevent it
• What if it happens to you?
What do hackers want?
• They want access to your client’s information.
• They will steal what they can and sell the data on the Deep Web or Dark Web.
• The hacker will not be the person who files the false return. The person who buys the client’s information will file the false return.
Security Summit Results
• Improved identity theft filters.
• More returns stopped before entering the processing pipeline
• Confirmed identity theft returns dropped 30 percent
• Fraudulent refunds identified by banks fell 50 percent
• People identifying themselves as IDT victims fell 46 percent
It CAN Happen to You
• The risk is real; preparers are prime targets for identity thieves
• January to May 2017 = 142
• January to May 2018 = 197 (39% increase)
• PTIN Holder Preparers Impacted through May 29, 2018 = 731
• Potential Taxpayers Impacted: 111,840
It CAN Happen to You
• Data loss can occur in so many ways:
  • Burglar steals office computers
  • Disgruntled employee steals client info
  • Old devices disposed of without erasing the data
  • Cybercriminal breaches your systems using phishing and malware schemes
• IRS Publication 4557 updated in 2018
Data Theft Tactics
• Phishing versus spear-phishing
• Spear-phishing emails, texts or calls
  • Pose as new clients
  • Pose as trusted organizations like tax professional organizations or IRS e-Services
  • Dropbox, DocuSign
  • Use malware-infected attachments
• Your client’s email account is hacked
Data Theft Tactics
• Risks of phishing emails
  • Computer breaches
  • Account take-overs (banks, IRS e-Services, tax software)
  • Ransomware
• Remote access versus VPN
• Educate employees on scams/risks
• Variations constantly emerge
Account Takeover
Often starts with a spear-phishing email like this:
Account Takeover
Fake e-Services site copies the real one
Account Takeover
Maintain your EFIN: keep it current
• Update within 30 days of any personnel, address or telephone changes
• EFIN is not transferable
• EFIN application required for each office location where e-File transmissions occur
Report Phishing: phishing@irs.gov
We need the email headers.
Report Phishing: phishing@irs.gov
How to send us the phishing email with the headers and keep your computer safe:
• Create a new email
• Address it to phishing@irs.gov
• Copy the phishing email (right click, copy)
• Go to the new email and attach the phishing email (right click, paste)
• Send
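The reason the slide asks for the email to be attached rather than forwarded is that an ordinary forward carries only the body text; the Received chain, Return-Path and Message-ID that let an abuse desk trace the real origin are dropped. The following Python example (added here; it is not IRS tooling and uses only the standard library) performs the slide's procedure in code, shows the naive inline forward beside it, and checks which of the two still carries the original headers. The sample message, its domains and its IP address are constructed placeholders; only the reporting address phishing@irs.gov comes from the slide.

```python
"""Report a suspected phishing email as an attachment so its original headers
survive. Added example for this page; not IRS tooling. Standard library only."""
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample of a suspicious message as it sits in a preparer's mailbox.
# Every domain, address and IP below is a reserved placeholder, not real infrastructure.
SAMPLE_PHISH = b"""\
Return-Path: <bounce@example.invalid>
Received: from mail.example.invalid (mail.example.invalid [192.0.2.10])
\tby mx.preparer.example (Postfix) with ESMTP id ABC123
\tfor <owner@preparer.example>; Mon, 6 Aug 2018 09:15:02 -0500
Message-ID: <20180806141502.0001@example.invalid>
From: "IRS e-Services" <eservices@example.invalid>
To: owner@preparer.example
Subject: Action required: verify your EFIN
Content-Type: text/plain; charset="utf-8"

Your e-Services account will be suspended. Click here to verify.
"""

# Transport headers an abuse desk needs to trace where a message really came from.
HEADERS_OF_INTEREST = ("Return-Path", "Received", "Message-ID", "From")
REPORT_ADDRESS = "phishing@irs.gov"  # reporting address given on the slide


def build_report(phish_raw: bytes, reporter: str, recipient: str = REPORT_ADDRESS) -> EmailMessage:
    """The slide's procedure in code: a new email addressed to phishing@irs.gov with
    the original message attached as a message/rfc822 part instead of pasted in.
    Attaching keeps the original Received chain, Return-Path and Message-ID intact."""
    report = EmailMessage(policy=policy.default)
    report["From"] = reporter
    report["To"] = recipient
    report["Subject"] = "Phishing report: suspected IRS e-Services impersonation"
    report.set_content("Suspected phishing email attached with full headers. "
                       "No taxpayer data is included.")
    original = message_from_bytes(phish_raw, policy=policy.default)
    report.add_attachment(original)  # a message object becomes a message/rfc822 attachment
    return report


def forward_inline(phish_raw: bytes, reporter: str, recipient: str = REPORT_ADDRESS) -> EmailMessage:
    """What a plain 'Forward' does: only the body text travels, and the original's
    transport headers are discarded. This is the behaviour the slide tells you to avoid."""
    original = message_from_bytes(phish_raw, policy=policy.default)
    fwd = EmailMessage(policy=policy.default)
    fwd["From"] = reporter
    fwd["To"] = recipient
    fwd["Subject"] = "FW: " + str(original["Subject"])
    fwd.set_content(original.get_content())
    return fwd


def extract_original_headers(report_bytes: bytes) -> dict:
    """Receiving side: parse the report and pull the original headers out of the
    message/rfc822 attachment. Returns {} when no such attachment is present."""
    report = message_from_bytes(report_bytes, policy=policy.default)
    for part in report.iter_attachments():
        if part.get_content_type() == "message/rfc822":
            original = part.get_payload(0)  # the embedded message object
            return {name: [str(v) for v in original.get_all(name, [])]
                    for name in HEADERS_OF_INTEREST}
    return {}


if __name__ == "__main__":
    me = "owner@preparer.example"  # constructed reporter address
    attached = extract_original_headers(build_report(SAMPLE_PHISH, me).as_bytes())
    inline = extract_original_headers(forward_inline(SAMPLE_PHISH, me).as_bytes())
    print("attached ->", attached["Received"])
    print("inline   ->", inline)
```

Run stand-alone, the attached version yields the original Received line naming both the sending host and the receiving MX, while the inline forward yields nothing, which is exactly why the "copy, then paste into the new email as an attachment" steps matter. The same check is useful on the defender's side: an abuse mailbox can reject reports that arrive without a message/rfc822 part and ask the sender to resubmit.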
Protect Your Clients; Protect Yourself: Tax Security 101
• NEW: Publication 5293, Data Security Resource Guide for Tax Professionals, a compilation of IRS.gov resources for tax preparers.
• REVISED: Publication 4557, Safeguarding Taxpayer Data, updated to reflect the current threats to tax professionals. The guide outlines the basic steps tax professionals should take, how to take them, and how to comply with the requirements for a data security plan.
Protect Your Clients; Protect Yourself: Tax Security 101
• Security Summit outlines the ‘Security Six’ basic safeguards for tax professionals’ computers and email:
  • Antivirus software
  • Firewalls
  • Two-factor authentication
  • Backup software/services
  • Drive encryption
  • Data security plan
Protect Your Clients; Protect Yourself: Tax Security 101
• Tax Security 101: Tax professionals must use strong passwords and encryption to protect taxpayer data
• Password recommendations have changed:
  • Old: PXro#)30
  • New: SomethingYouCanRemember@30
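The two passwords on the slide illustrate the shift from short-and-complex to long-and-memorable. The Python example below (added here, not IRS material) puts numbers on that shift: it works out how many characters an exhaustive guesser would have to cover for each of the slide's examples and how long exhausting that space would take at an assumed guessing rate. The 1e10 guesses per second figure is an illustrative assumption for offline cracking of a fast hash, not a figure from the slides.

```python
"""Why the password guidance moved from short-and-complex to long-and-memorable.
Added example for this page, not IRS material. This is search-space arithmetic only;
it says nothing about whether a given string has leaked or appears in a word list."""
import math
import string

# Character classes an exhaustive guesser must cover once any member appears.
CHAR_CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation),
}

OLD_STYLE = "PXro#)30"                    # the slide's "Old" example
NEW_STYLE = "SomethingYouCanRemember@30"  # the slide's "New" example


def alphabet_size(password: str) -> int:
    """Size of the union of every character class the password draws from."""
    return sum(len(chars) for chars in CHAR_CLASSES.values()
               if any(c in chars for c in password))


def search_space_bits(password: str) -> float:
    """log2 of the number of candidates an exhaustive guesser would have to try.
    Length multiplies the exponent; an extra character class only widens the base."""
    return len(password) * math.log2(alphabet_size(password))


def years_to_exhaust(password: str, guesses_per_second: float = 1e10) -> float:
    """Time to try every candidate at the given rate. The default rate is an
    illustrative assumption (offline attack on a fast hash), not a slide figure."""
    seconds = 2 ** search_space_bits(password) / guesses_per_second
    return seconds / (365 * 24 * 3600)


def compare(old: str = OLD_STYLE, new: str = NEW_STYLE) -> dict:
    """Side-by-side figures for the slide's two examples."""
    return {
        pw: {
            "length": len(pw),
            "alphabet": alphabet_size(pw),
            "bits": round(search_space_bits(pw), 1),
            "years_at_1e10_per_s": years_to_exhaust(pw),
        }
        for pw in (old, new)
    }


if __name__ == "__main__":
    for pw, figures in compare().items():
        print(f"{pw!r}: {figures}")
```

Both strings draw from the same four classes, so the only difference is length, and that difference takes the search space from roughly 52 bits (exhausted in days at the assumed rate) to roughly 170 bits. The caveat a reviewer would add: the figure measures only exhaustive guessing, so a passphrase assembled from a handful of common dictionary words gives up some of that margin to a word-list attack, and a password already exposed in a breach gives up all of it regardless of length.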
Protect Your Clients; Protect Yourself: Tax Security 101
• Tax Security 101: Security Summit reminds tax professionals to beware of spear-phishing emails
• Use separate personal and business email accounts; protect email accounts with strong passwords and two-factor authentication if available.
• Install an anti-phishing toolbar to help identify known phishing sites. Anti-phishing tools may be included in security software products.
Protect Your Clients; Protect Yourself: Tax Security 101
• Use security software to help protect systems from malware and scan emails for viruses.
• Never open or download attachments from unknown senders, including potential clients; make contact first, by phone for example.
• Send only password-protected and encrypted documents if files must be shared with clients via email.
• Forward suspicious emails to phishing@irs.gov.
Protect Your Clients; Protect Yourself: Tax Security 101
• Tax Security 101: Tax professionals victimized by data thefts offer hard-won security lessons to colleagues
  • Get cyber insurance coverage
  • Password-protect each client account
  • Use a virtual private network (VPN) for remote connections
  • Keep all security software updated
Protect Your Clients; Protect Yourself: Tax Security 101
• Tax Security 101: Tax professionals must maintain and protect EFINs; monitor EFINs, PTINs and CAF numbers
  • Maintaining EFINs
  • Monitoring EFINs, PTINs and CAFs
  • EFIN totals
  • PTIN totals
  • Protecting EFINs
Overview
• National Institute of Standards and Technology (NIST)
• Small Business Information Security: The Fundamentals
Overview (cont’d)
• Identify: Data, People, Equipment
• Protect: Limit Access, Updates, Firewalls
• Detect: Anti-Virus, Spyware
• Respond: Information Security Plan
• Recover: Backups
Detect
• How will you know?
  • E-filed client returns are rejected
  • Clients get Letter 4883C or 5071C
  • Clients get a refund but have not filed
  • Contacted by CI (IRS Criminal Investigation)
  • Others
Respond
• Develop a plan for disasters and information security incidents
• The plan should include the following roles and responsibilities:
  • Who makes the decision to initiate recovery procedures and contact law enforcement
  • What to do with your information systems (e.g. shut down/lock computers, move to backup site)
Respond (continued)
• Who to call in case of an incident (e.g. how and when to contact senior executives, emergency personnel, cybersecurity professionals, legal professionals, service providers, or insurance providers)
• State notification laws
Respond (continued)
• IRS
  • Tax professionals should contact IRS Stakeholder Liaison when a compromise is detected. The Stakeholder Liaison will refer the information within IRS (e.g. Criminal Investigation, Return Integrity & Compliance Services)
  • IRS.gov search term: Stakeholder Liaison Local Contacts
Respond (continued)
• State Tax Agencies
  • Tax professionals can e-mail the Federation of Tax Administrators to get information on how to report victim information to the appropriate state authorities.
  • StateAlert@taxadmin.org
What happens next?
• Follow the advice found on IRS.gov under “Data Theft Information for Tax Professionals”
• IRS, FBI, Secret Service, local police
• Insurance company, cybersecurity experts, attorney
• FTC
• Credit bureaus
• Clients; offer credit monitoring
What happens next?
• Stakeholder Liaison will help
  • New EFIN
  • You provide a client list
Victim Assistance
• If the taxpayer finds out first:
  • E-filed return rejects; duplicate SSN
  • File the return on paper; attach Form 14039, Identity Theft Affidavit
  • Generates an Identity Protection PIN once the case is resolved
Victim Assistance
• If the IRS tells the taxpayer first:
  • Suspicious return generates Letter 4883C or Letter 5747C to verify identity by phone or in person
  • If the taxpayer did not file the return, it is removed from the account; IP PIN generated
  • No need to file a Form 14039
Victim Assistance – What’s New
• Letter 5747C taxpayers do not need to verify in person if they call and say they did NOT file the return
• Only taxpayers may access transcripts for years with an IDT indicator
• But tax pros may now access transcripts for those years without an indicator
Review
• What did you learn?
• What will you do that’s new?
Contact Information
Karen Brehmer
IRS Stakeholder Liaison
Serving MN, IA, ND, SD, MT
Karen.A.Brehmer@irs.gov
Phone: 763-347-7375
Fax: 877-477-8134
No taxpayer data in email or attached to email