Please forward these Cyber Security tips and best practices to other interested people in your organization. To subscribe to CIRMA's Cyber Security Tips & Alerts, please contact Carolyn Field, CIRMA Communications.
View this email in your browser

Tax scammers

Important information from CIRMA and the Multi State Information Sharing and Analysis Center:
Hundreds of thousands of U.S. residents are targeted by tax scams each year --  and the numbers are increasing. The IRS reported a 400% rise in phishing scams from the 2015 to the 2016 tax season. Approximately 30% of all reported data breaches in state and local governments in 2017 were related to the theft of W-2 information -- which was likely used for tax fraud. Cyber criminals have successfully scammed several CIRMA members.

Here are some basic tips to help you minimize the chances of becoming a victim of a tax scam:
  • If you haven’t already, file your taxes as soon as you can…before the scammers do it!
  • Be aware of phone calls, emails, and websites that try to get your personal information, or pressure you to make a payment. If something seems suspicious, contact the organization through a known method, like their publicly posted customer service line.
  • Ignore emails and texts asking for personal or tax information. Be cautious as to whom you provide your information, including your Social Security Number and date of birth.
  • The IRS will not initiate contact about payment with taxpayers by phone, email, text messages, or social media without sending an official letter in the U.S. mail first.
  • The IRS will not call to demand immediate payment over the phone using a specific payment method such as a debit/credit card, a prepaid card, a gift card, or a wire transfer.
  • The IRS will not threaten to immediately notify local police or other law-enforcement agencies to have you arrested for not paying.
  • The IRS will not demand that you pay taxes without giving you the opportunity to question or appeal the amount you owe.
If you receive a tax-related phishing or suspicious email at work, report it according to your organization's cybersecurity procedures. The IRS encourages taxpayers to send suspicious emails related to tax fraud to its email account or to call the IRS at 800-908-4490. More information about tax scams is available on the IRS website and in the IRS Dirty Dozen list of tax scams.
If you suspect you have become a victim of tax fraud or identity theft, the Federal Trade Commission (FTC) Identity Theft website will provide a step-by-step recovery plan. It also allows you to report if someone has filed a tax return fraudulently in your name, if your information was exposed in a major data breach, and many other types of fraud
Additional resources:
CIRMA's Cyber Security emails are provided in partnership with the Multi State Information Sharing and Analysis Center. To subscribe to our general information Cyber Security Tips & Alerts, or to the technical TLP: White and Green Alerts from MS-ISAC, please contact Carolyn Field, CIRMA Communications Supervisor.
For more information about CIRMA’s Cyber Risk Initiative, please contact your CIRMA Risk Management Consultant. Visit the CIRMA website for more information about our Cyber Risk resources.

The information provided in CIRMA's Security Tips & Alerts e-news is intended to increase the security awareness of an organization's end users and to help them behave in a more secure manner within their work environment. While some of the tips may relate to maintaining a home computer, the increased awareness is intended to help improve the organization's overall cyber security posture. This is especially critical if employees access their work network from their home computer.

Copyright © 2018 Connecticut Interlocal Risk Management Agency, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list