Ways to Combat Business Identity Theft

Aug 9, 2017Business

The IRS and state tax authorities have made significant strides in curbing individual identity theft over the last two years. But cyber attacks against businesses are on the upswing. Here are some simple ways business taxpayers can help protect their data from hackers.

Trends in ID Theft

The IRS recently announced the number of individualsreporting identity theft in the first half of 2017 has declined dramatically compared to 2015 and 2016. For the first five months of 2017, about 107,000 individual taxpayers reported stolen IDs. In comparison, 297,000 victims filed reports during the same time period in 2015 and 204,000 in 2016. Put simply, individual ID theft dropped 47% over the last year. The IRS attributes the decrease to safeguards put in place during the 2016 Security Summit. Unfortunately, the IRS has also noted an increase in ID theft involving business tax returns. While the number of businesses affected was relatively low, the potential dollar amounts were significant:

YearEstimated business ID theft cases through June 1Estimated losses
2015350 tax returns$122 million
20164,000 tax returns$268 million
201710,000 tax returns$137 million

The victims of business ID theft include corporations, estates and trusts, and partnerships. These days, hackers are bolder and increasingly tax savvy in their scams. For example, they may use stolen data to file bogus business tax returns and then collect refunds. Or they might post the stolen data for resale on the so-called “Dark Net” so other criminals can file fraudulent tax returns. Smith Schafer has been helping clients take appropriate security measures to prevent business ID theft, but problems persist. “We need help from the tax community to combat cybercriminals and raise security awareness,” IRS Commissioner John Koskinen noted.

Ways to Combat Business ID Theft

Because business ID theft can be so costly, prevention and early detection measures are critical. Here are some simple, but effective, security measures you should consider:

  • Make cybersecurity a top priority. Similar to an annual business plan, your company needs a formal cybersecurity plan that identifies a step-by-step approach for detecting ID theft. When breaches happen, your plan should trigger a prompt, thorough response.
  • Safeguard intellectual property. Companies should store all employee and customer data, along with other proprietary records, such as financial statements and prior years’ tax returns, in a safe location. Shred nonessential documents before throwing them out, and limit access to your employer ID number to parties with whom you initiated the contact. Share sensitive information via the Internet or email only if the recipient is trusted (such as your lender or tax preparer) and the site is secure.
  • Use the latest cybersecurity technologyThis includes firewalls, antivirus and antimalware software, and spam filters. Also exercise common sense: Don’t download files, click on links, or open pop-ups or attachments sent from unknown sources. Stored files should be encrypted for your protection and for the benefit of customers.
  • Educate employeesConduct periodic training sessions to remind employees about the latest scams, such as phishing emails where hackers pose as familiar businesses or colleagues to steal sensitive information. They should also be aware of your cybersecurity plan and each person’s role if a breach occurs.
  • Use prepaid credit cards for purchases. Prepaid employee credit cards limit your potential for losses when employees make purchases from suppliers and vendors. If a card is breached, the company can lose only what’s prepaid and you can immediately deactivate the card.
  • Monitor business credit reports. It does not take much effort to monitor your company’s profiles from the three major business credit bureaus: Equifax, Experian, and TransUnion. Subscribe to their monitoring services for round-the-clock access. What’s more, you can choose to receive real-time email notifications about suspicious activities affecting your company’s credit rating.
  • Guard your master list. Some companies track all their accounts and passwords in a master list, which can be convenient, but dangerous. A dishonest employee or hacker who manages to gain access to that list has the key to all your company’s information in one fell swoop, so you’ll need to be extra cautious with security measures.
  • Finally, contact your Smith Schafer professional promptly if you believe you have been victimized. We can help you get in touch with the appropriate law enforcement authorities, business credit bureaus and financial institutions.

No Guarantees

No preventive measure is 100% fail safe. The IRS and tax preparers are expanding their efforts to educate businesses and prevent breaches. You can also help lower your risk by crafting a formal cybersecurity plan, educating employees and implementing various other proactive security measures. If you have questions or concerns about your situation, ask your Smith Schafer professional for help.

Blank

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

Trending Posts

Subscribe to our Blog

Related Industry Posts

document Organization for Your 401k Plan Audit

document Organization for Your 401k Plan Audit

s discussed in part two of our 401k blog series, one of the purposes of a retirement plan audit is to ensure the plan operates in compliance with both plan documents and IRS and DOL regulations. To do this, your auditor will request access to several documents. Some will be plan-specific documents, while others will be HR and related documents.

read more
2022 Business Valuation Considerations

2022 Business Valuation Considerations

More than two years after COVID-19 changed the world, business valuations are still challenging. At the midpoint of 2022, the idea that things have returned to ‘normal’ is certainly debatable. In many instances, historic valuation inputs, specifically past performance, cannot be taken as an indication of future performance.

read more
2022 IRS Backlogs & Taxpayer Service Updates

2022 IRS Backlogs & Taxpayer Service Updates

The IRS has been busy. In the past two years, the agency has processed trillions of dollars in pandemic relief funds, adjusted to often-changing tax deadlines, and dealt with several complex new tax laws. At the same time, funding was 20 percent lower than in 2010. Understaffed is the understatement of the century.

read more

Subscribe to our blog

SEND US A MESSAGE

We appreciate your interest in Smith Schafer and would love to hear from you.So please complete this form or feel free to email us directly at: [email protected]