Tax season is not pleasant for anyone. Still, for business owners, it can be a hectic and stressful time — especially if you store business, financial, and personal information online.
Unfortunately, cybercriminals are all too aware of this and often increase their efforts to target businesses during tax season.
There has been no shortage of high-profile data breaches in recent years, from DoorDash and Rockstar Games to Twitter and Dish Network. Even the Costa Rican government was forced to declare a state of emergency after weeks of ransomware attacks.
Yet, small to midsize businesses are at just as much risk, and the damage of a breach can be much worse — while 50% of small to midsize businesses reported suffering at least one cyberattack in the past year, a full 60% of small businesses who experience an attack go out of business within six months.
This makes it essential for businesses of any size to take proactive measures to protect their business and customers’ information from hackers, especially during tax season, when risk levels are even higher.
In this article, we’ll discuss some practical steps businesses can take to protect themselves from cyber threats during tax season.
By implementing these measures, business owners can safeguard their financial and personal data and keep their businesses running smoothly throughout tax season and beyond.
Hackers commonly use tactics like phishing, spoofing, phone calls, emails, text messages, or letters threatening to have you arrested, collect your assets, or freeze bank accounts if you don’t cooperate.
They may also send fake documents or messages by mail, text, or social media to trick taxpayers into providing sensitive, personally identifiable information (PII).
To protect your business from hackers during tax season, you must be vigilant and aware of the latest hacking tactics. Some rules of thumb to keep top of mind include:
Another critical point to remember is that the IRS will never initiate contact with you via telephone, text message, email, or social media to request personal or financial information.
The IRS will always first send a letter requesting information.
We’ve discussed the IRS impersonation telephone scam previously on this blog. It’s an aggressive and sophisticated tactic that has impacted every corner of the country.
The callers claim to be employees of the IRS (but are not). They even use fake names and bogus IRS badge numbers. They can be very convincing and know much about you from online information. They will even alter the caller ID to make it look like the IRS is calling!
So remember, the IRS will never:
So if you start to hear ANY of these claims, you are talking to a scammer and should immediately hang up.
If you have already been in touch with the IRS, agents or tax compliance officers might use phone calls or in-person visits to get in touch with you. They may also send emails or request information. However, this will only occur after that initial contact by mail, and they will never threaten you or demand immediate payment over the phone or by email. If you receive such a call or email, do not respond or, once again, immediately hang up.
Here are 7 more ways to protect your business from hackers during tax time:
One of the most effective ways to protect your business from hackers during tax season is to educate your employees about security risks. By teaching your employees how to identify and avoid common scams, you can significantly reduce your risk of a data breach.
It is equally vital that you create a comprehensive security policy for your employees to follow. This should include guidelines for password strength and protection, internet usage, data storage, and information sharing. Regular training sessions help reinforce these policies and keep employees up-to-date with the latest security threats.
Passwords are often the first line of defense against cyber attacks. Unfortunately, many people still use weak, easily guessed passwords that hackers can crack. Using strong passwords that are difficult to guess is essential to prevent unauthorized access to your business accounts and data.
Multi-factor authentication adds an extra layer of security by requiring users to provide additional information, such as a fingerprint or a one-time code, before logging in. This can make it much more difficult for hackers to access your business accounts.
As annoying as constant software updates can be, they are not there for no reason. Software vulnerabilities can provide a gateway for cybercriminals to access your business data. To prevent this, it is essential to keep your software up-to-date. This includes your operating system, web browsers, and any other software or applications you use.
Ensure you regularly check for and install software updates and security patches. This can help to fix any known vulnerabilities and reduce your risk of a data breach.
Antivirus and anti-malware software can help to protect your business from cyber attacks by scanning your computer for malicious software and blocking any suspicious activity. Ensure you have a reliable antivirus and anti-malware program installed on all of your business devices.
It is also important to regularly update your antivirus and anti-malware software to ensure that it can detect and block the latest threats.
Your Wi-Fi network can be a weak point in your business’s security if it is not adequately secured. Ensure you use a strong password to protect your Wi-Fi network, and change this password regularly.
It is also essential to keep your Wi-Fi network hidden and to disable remote administration. This can help to prevent unauthorized access to your network and reduce your risk of a data breach.
Backing up your data regularly can help protect your business from data loss in a cyber-attack or other disaster. Ensure you regularly back up your important business data, including financial records, customer information, and other sensitive data.
Store your backups in a secure location, such as an encrypted external hard drive or a cloud-based storage service. This can help to protect your data even if your primary systems are compromised.
Phishing scams are a common tactic cybercriminals use to trick employees into sharing sensitive information or downloading malicious software. To protect your business from these scams, being vigilant and educating your employees on identifying and avoiding them is crucial.
Some common signs of a phishing scam include suspicious links or email attachments, requests for personal information, and urgent or threatening language. Ensure that your employees know to be cautious of these signs and immediately report any suspicious activity to your IT department.
If you are a client and would like to book a consultation, call us at +1 (212) 382-3939 or contact us here to set up a time.
If you aren’t a client, why not? We can take care of your accounting, bookkeeping, tax, and CFO needs so that you don’t have to worry about them. Interested? Contact us here to set up a no-obligation consultation.
Interested in receiving updates in your mailbox? Check out our newsletter, full of information you can use. It comes out once every two weeks, and you can register for it below.
Found this article helpful? Share it with your network.
Above & Beyond
New York City
2 West 45th Street, Suite 1208
New York, New York 10036
565 Taxter Road, Suite 105,
Elmsford, New York 10523
Jeff Coyle, CPA, Partner of Rosenberg Chesnov, has been with the firm since 2015. He joined the firm after 20 years of business and accounting experience where he learned the value of accurate reporting, using financial information as a basis for good business decisions and the importance of accounting for management.
He is a diligent financial professional, able to manage the details and turn them into relevant business leading information. He has a strong financial background in construction, technology, consulting services and risk management. He also knows what it takes to create organizations having built teams, grown companies and designed processes for financial analysis and reporting.
His business experience includes:
Creating and preparing financial reporting, budgeting and forecasting.
Planning and preparation of GAAP and other basis financial statements.
Providing insight on financial results and providing advice based on those results.
Jeff also has a long history of helping individuals manage their taxes and plan their finances including:
Income tax planning and strategy.
Filing quarterly and annual taxes.
General financial and planning advice.
Prior to joining the firm in 2015, Jeff was in the private sector where he held senior financial and management positions including Controller and Chief Financial Officer. He has experience across industries, including construction, technology and professional services which gives him a deep understanding of business.
Jeff graduated from Montclair State University, he is a CPA and member of the American Institute of Certified Public Accountants, New York State Society of Certified Public Accountants and New Jersey State Society of Public Accountants.
Jody H. Chesnov, CPA, Managing Partner of Rosenberg Chesnov, has been with the firm since 2004. After a career of public accounting and general management, Jody knows the value of good financials. Clarity, decision making, and strategy all start with the facts – Jody has been revealing the facts and turning them into good business results for more than three decades.
He takes a pragmatic approach to accounting, finance and business. His work has supported many companies on their path to growth, including helping them find investors, manage scaling and overcome hurdles. His experience and passion for business reach beyond accounting and he helps businesses focus on what the numbers mean organizationally, operationally and financially.
He has a particular expertise in early-stage growth companies. His strengths lie in cutting through the noise to come up with useful, out of the box, solutions that support clients in building their businesses and realizing their larger visions.
Prior to joining the firm in 2004, Jody was in the private sector where he held senior financial and management positions including General Manager, Chief Financial Officer and Controller. He has experience across industries, which gives him a deep understanding of business.
Jody graduated with a BBA in Accounting from Baruch College, he is a CPA and member of the American Institute of Certified Public Accountants and New York State Society of Certified Public Accountants.
In addition to delivering above and beyond accounting results, Jody is a member of the NYSCPA’s Emerging Tech Entrepreneurial Committee (ETEC), Private Equity and Venture Capital Committee and Family Office Committee.
He is an angel investor through the Westchester Angels, and has served as an advisor for many startup companies and as a mentor through the Founders Institute.
Send us a message and we will contact you as soon as possible.