Posted on

Why Ordinary Antivirus Fails To Protect Your PC

What antivirus software “protects” your computer?

Some of the common ones I see on client computers are:

  • Norton
  • McAfee
  • Trend Micro
  • BitDefender
  • VIPRE
  • AVG
  • Avast
  • Avira
  • Microsoft Security Essentials or Windows Defender
  • ESET NOD32

Bad news, my friend.

I’ve got bad news if you’re using one of these products – your PC ISN’T as safe from viruses and malware as you believe.

Older isn’t better in this case

All of these antivirus programs use 25-year-old technology to block viruses and malware.  It’s called virus definitions.

Multiple times every day, these software manufacturers push updated virus definitions to your computer.  It’s basically a list of known bad threats they have discovered that shouldn’t be allowed on your PC.

Two Flaws

I’m sure you can see the two major flaws with this.

First, it’s impossible to keep the list on your computer up-to-date. 

Cybercriminals are always writing new scripts to attack computers. 

It’s only after these new viruses are released on the Internet and have done their damage that antivirus vendors know they exist, reverse engineer how they work, and add them to the “bad list.” 

This process can take days or even weeks – leaving your computer completely unprotected.

Second, it’s easy to bypass the list.

Hackers know how these lists scan incoming files to determine whether it is good or bad, whether it should be allowed or blocked. 

So they modify their code just enough so your antivirus software doesn’t recognize it as being malicious – simply because it’s not on “the list” in the virus definitions database.

Think of it as using a fake ID.

Use Technology To Fight Technology

What’s the solution?

Fortunately, there is a new antivirus software that utilizes the latest technology to combat against all types of virus and malware infections without using a list.

This antivirus protection stops any threat – known or unknown – from damaging your computer. 

How?

It uses artificial intelligence and machine learning to determine if the actions a particular file or program is performing are normal or malicious.  If it’s malicious, it immediately shuts it down.

There are no outdated virus definition lists and no days or weeks of your computer being vulnerable.

I’ve Seen It Work

I installed this new protection on a client’s computer in late October.  On New Year’s Eve, while I was vacationing in Arizona, I received an email alert that the Cybersecurity Antivirus had stopped a hidden, malicious file stored in the computer’s recycle bin from encrypting all her files and rendering her computer inoperable.

The report showed exactly where the file was located and specifically what files on the computer it was trying to modify.

Because it immediately quarantined it, this client didn’t experience any problems.  And more importantly, she didn’t have to shell out any money for a virus removal.

You Decide

Antivirus software MUST be installed on your computer.  Anything is better than nothing.

But is it smart to use antiquated technology that doesn’t really protect your computer from the latest threats? 

You spend between $0 and $100 for antivirus “protection,” but end up having to spend $100-$200 more to clean up your PC when that “protection” fails you (and it will).

 Alternatively, the Cybersecurity Antivirus protection can keep your computer safe and keep money in your pocket for less than $150 a year.
Posted on

How to Create Strong, Easy-To-Remember Passwords

Do you use “123456” as your password for any websites? How about “qwerty”? Maybe 123456789?

If you do, you’re not alone. In fact, nearly 1,000,000 people use those passwords.

But there’s a problem.

Each of those can be cracked in less than a millisecond, leaving you and your personal information exposed to data thieves.

So what can you do to stay more secure, but still be able to remember your passwords?

Don’t Reuse Passwords

Using the same one or two passwords for everything drastically reduces your personal security. Obvious, right?

Maybe, but that doesn’t stop over 80% of people from reusing passwords. Instead, use a unique password for each website you visit.

Most people can’t remember that many passwords, so I recommend using a password management service like LastPass to safely store your passwords for you. It can even generate passwords that are practically impossible for computers to guess.

Use Longer Passwords

Hackers don’t type in passwords one at a time. Instead, they often get millions of them at once from data breaches. They target the short passwords first and, with enough passwords to compare, they’re able to decrypt thousands of them in just a couple of hours.

If your password is 8 characters or longer, however, there’s a good chance it will be overlooked.
Hackers don’t want your password: they want as many as they can get in the shortest time possible.

Assuming it is not a common password such as “password123,” each additional character over eight could potentially add days, months, years, or even decades to the time it would take an algorithm to crack, making your password very unappealing to hackers.

I suggest using passwords with at least 10 characters to keep yourself off hackers’ radar.

Use Sentences as Passwords

Which is easier to remember: “Tl|_|,BwwB2R” or “My favorite kind of pie is chocolate!”?

The latter, of course.

However, you don’t want to use real words, as they are easily cracked.

Instead, use only the letters from your sentence as a password.

In this instance, “My favorite kind of pie is chocolate!” turns into “Mfkopic!.”

If you’re feeling clever, you could even change “pie” to “3.14” (pi = 3.14, in math terms), then the “1” to a “!”. This leaves you with “Mfko3.!4ic!” – a password which cannot be easily guessed and would take 200 million years to crack.

As long as you avoid using common words or phrases, this simple technique will keep you much more secure than most complex, hard to remember passwords.

Remember: a password that is hard for you to remember is not always hard for a computer to guess.

 

 

Here are some resources to help you create strong passwords, along with some cool facts and information:

Helpful graph for remembering long passwords (Stanford Password Policy):

http://bit.ly/stanfordpasswordpolicy

6 techniques for creating stronger passwords:

http://bit.ly/6techniques

Most commonly used passwords of 2016:

http://bit.ly/commonpasswords2016

Common passwords, plus helpful tips and tricks to keep yourself safe:

http://bit.ly/telegraphpasswords

Posted on

How the Repeal of Net Neutrality Could Affect You

Think your cable and Internet bill costs too much already?

Enjoy freely surfing the web’s variety of funny, informative, and even weird, content?

Thanks to a party-line vote to repeal net neutrality by the appointed members of the Federal Communications Commission (FCC) last Thursday, you could end up paying more to view certain Internet content or not even be able to access certain content at all.

What is (was) net neutrality?

Net neutrality rules made the Internet a level playing field for all content providers and consumers. They required Internet Service Providers (ISPs) to allow equal access to all lawful web content.

ISPs like Spectrum, Frontier, and Comcast, couldn’t charge you more to access certain websites. Nor could they slow down your connection to other Internet content.

Mozilla – the company known for its Firefox web browser – succinctly describes it this way: “In other words, the Web is a level playing field: you can read, watch, play, browse and share on the same terms as everybody else.”

Net neutrality rules adopted by the FCC went into effect in 2015. Those rules prohibited certain practices by Internet Service Providers, as described in this excerpt from a December 14 New York Times article:

“BLOCKING – Internet service providers could not discriminate against any lawful content by blocking websites or apps.

“THROTTLING – Service providers could not slow the transmission of data based on the nature of the content, as long as it is legal.

“PAID PRIORITIZATION – Service providers could not create an Internet fast lane for companies and consumers who pay premiums, and a slow lane for those who don’t.”

The FCC’s decision

Last Thursday, the five appointed members of the FCC voted along party-lines to repeal those 2015 rules.

Essentially, they caved in to lobbyists of major communications corporations.

Eric Schmidt, former Google CEO, wrote to Google users in 2006, “The phone and cable monopolies, who control almost all Internet access, want the power to choose who gets access to high-speed lanes and whose content gets seen first and fastest. They want to build a two-tiered system and block on-ramps for those who can’t pay.”

How this could affect you

First, Internet providers could begin to create bundles of content – increasing your monthly Internet bill. This is similar to what cable and satellite providers already do for television content.

Want to access social media sites? That’s an extra subscription package per month.

Want to stream videos from Hulu, Netflix and YouTube? You’ll need to pay more for a separate bundle.

This is already happening in other countries, such as Portugal, where no net neutrality rules exist.

Second, they could completely prohibit you from viewing certain content at all – or make it extremely painful to do so.

For example, Comcast is the parent company of NBC and MSNBC. They could decide to deny subscribers the ability to access any news content other than that produced by NBC/MSNBC. Or they could slow down connections to other news sites so that it takes longer to load, thereby discouraging people from trying to even access it.

(I agree, this may be an extreme and unlikely example. But with the repeal of the rules, it is now possible.)

Third, Internet providers could allow deep-pocketed companies to pay for faster load times of their websites.

This could prevent small businesses and non-profit organizations from promoting their products, services and causes to the same audiences.

Your voice matters – Say something!

The repeal of net neutrality is a bad deal for consumers and businesses alike.

The FCC’s decision faces serious congressional and legal challenges in the months ahead. So major changes won’t happen immediately.
But if you enjoy a free, fair access to the Internet, you can’t just finish reading this column, move on to the next article, and do nothing.

I encourage you to call or write your federal representatives in Congress. Let them know you want them to challenge the FCC’s decision.

Call or write the Indiana Attorney General’s office. Encourage them to join with New York’s Attorney General in filing a multi-state lawsuit against the FCC’s repeal.

A free and open Internet is an important platform for free speech and open enterprise.

Posted on

How To Determine If A Website Is Safe

Scrolling through your Facebook news feed, you see a friend shared a link to an interesting story.  It’s obvious it will take you to a different website if you click on it.

Or maybe you’re a recipient of one of those emails a friend sent to everyone in her address list.  You’re encouraged to click on the link to watch a funny video clip.

Because you’re a faithful reader of this tech column, you know you’ve got to be careful on the Internet.  Viruses and malware lie in wait to infect your computer.

So how can you tell if a website is safe to visit or not – before you browse to it?  How can you be sure your PC won’t become infected?

The bad news

Unfortunately, there’s no guaranteed way to assure a website is completely safe or virus and malware free.

The good news

But there are some fairly reliable tools you can use to help gauge the safety of a website before you visit it.

First, you can use online web-based scanners to examine the web address.

·      Norton SafeWeb – https://safeweb.norton.com/

Security vendor Symantec offers this website to provide you an analysis of a website’s reputation.  Most of its information comes from the general public who submit reviews based on their interactions with the websites.  So you must still use caution because these reviews are not necessarily legitimate.

·      Comodo Site Inspector – http://app.webinspector.com/

Comodo Site Inspector, a free service by the popular cybersecurity vendor, will scan a URL for twelve potentially harmful components that could damage your computer.  The scan can take several minutes to complete.

·      ScanURL – https://scanurl.net/

Similar to Norton SafeWeb, ScanURL.net checks multiple databases such as Google SafeBrowsing, Web of Trust, and PhishTank to see if a site has been reported as a potentially malicious site.

Second, you can implement DNS filtering on your router.

DNS can be considered the phone book of the Internet.  Each website address (like www.calibreforhome.com) points to a specific server address comprised of numbers where the site is hosted, known as an IP address.

OpenDNS offers a free service for home users, allowing you to filter all your Internet traffic through their DNS servers, which are programmed to block known harmful websites.  It can also speed up your web browsing, compared to using your Internet Service Provider’s default DNS servers.

You can check out their packages at https://www.opendns.com/home-internet-security.

Finally, you can install a web filtering software program on your computer.

The Managed Web Protection we offer prevents you from visiting websites known contain malware, spyware, adware, and other infections.  It also functions as a parental control tool – keeping your kids and grandkids from visiting inappropriate websites.

Of course, the safest method of all – don’t click!

Posted on

What You Should Learn From “The Day The Earth Was Hacked”

Europol, the intelligence agency of the European Union, called it a “cyberattack of an unprecedented level.”

Starting early Friday, May 12, a massive ransomware infection called WannaCry quickly spread to hundreds of thousands of computers in over 150 countries.

It crippled entire hospitals, car manufacturers, telecom companies, and even affected U.S.-based FedEx, demanding a $300 ransom to be paid in Bitcoin for the data files it held hostage.

Failure To Do This Leaves The Door Wide Open

Why did this ransomware inflict so much damage when it could have been easily prevented?

First, companies and individuals failed to keep their computers updated with the latest security patches.

Microsoft discovered the vulnerability exploited by WannaCry and issued a patch back in March. Computers with the update installed were not affected.

Yet, an enormous number of PCs obviously weren’t updated, providing an open door for the cyberattack.

In my experience, most small business and home users neglect to regularly install the ever-important Windows Updates. They either don’t know how or never think about installing them.

Worse yet, many refuse to allow a knowledgeable IT provider to take care of these tasks for them at a minimal cost.

The Antivirus Myth

Second, most of the affected PCs used ineffective or no antivirus protection.

The first question I always get asked after a client’s machine becomes infected is, “Well, I have [insert name of a popular antivirus program, usually a free one]. Shouldn’t it have prevented this?”

Truth is most antivirus programs sold today use ancient, 25-year-old technology. They simply don’t protect against how today’s threats attack and infect computers.

In the previous column two weeks ago, my Director of Service Operations, Christian Hinojosa, warned about the inadequacies of free antivirus programs – like AVG, Avast, and Avira. These are some of the worst protection when it comes to ransomware like WannaCry.

But even many of the paid antivirus programs fail to block deadly viruses and malware.

Only a slim handful of paid antivirus software effectively blocks many of the behavior-based, zero-day threats regularly attacking your computer. And they’re not ones you find on the shelf at Walmart or Best Buy.

The Worst Is Yet To Come

While WannaCry’s reach rapidly extended throughout the entire civilized world, it only lasted a few days before it was stopped in its tracks.

The purchase of a simple $11 domain name by an observant security expert broke the criminals’ code.

Those thieves know exactly what they did wrong. You can bet they’re already working on a version 2.0 that won’t be stopped as easily.

At Home or At Work – You’re At Risk

Are you a home user who only checks email and browses Facebook?

Are you a small business owner with one or more computers critical to running your daily operations?

Do you work in an office, warehouse, or other organization with computers?

If you answered yes to any of those questions, you have computers at risk for the next big attack.

It would be wise to make sure you’re well-protected before disaster strikes. Keep in mind these six tips:

1. Regularly update all your computers with the latest patches.
2. Install antivirus software designed for today’s threats.
3. Implement edge protection to build a wall around your home or business network that will keep unwanted hackers out.
4. Provide on-going training to family members and/or employees that helps them identify phishing email, scams, fake websites, and other malicious attempts to infect your PC or steal personal information.
5. Maintain regular, automated, OFF-SITE backups of all important documents and data on your computer.
6. Consult with a knowledgeable IT professional to provide these five solutions for you. If they can’t, find an expert who is educated and able to offer complete security. It really is cheaper than the alternative.

Posted on

The Real Costs of “Free” Antivirus Protection

When Alan brought his computer to us because he couldn’t access any websites, he never suspected the culprit would be this one seemingly harmless thing.

Our technicians put his computer through rigorous troubleshooting, but were unable to immediately find the cause of his problem. After more in-depth testing, we discovered one small setting preventing Alan from browsing the Internet.

Alan had been using AVG Free Antivirus – one of the most popular free antivirus programs. However, his troubles began when he uninstalled AVG prior to having us install our Advanced Managed Antivirus protection. Even after being “removed,” AVG was still trying to commandeer his Internet connectivity. His problem was solved by removing the remaining hidden AVG drivers.

Little things like these are what make free antivirus solutions less than optimal.

While the prospect of free protection from malicious viruses and malware may seem appealing at first, the cost further down the road is far less attractive and significantly more.

Here are three reasons why you should think carefully about risking your PCs security with a free antivirus program:

Pathetic Protection

What is the point of having an antivirus program installed on your computer if it’s not able to protect you from the latest viruses and malware attacks?

Paid antivirus programs have more frequently updated features and are always kept up-to-date with the latest virus definitions. Most free solutions, however, offer only minimal protection.

In a study conducted by PC World, free antivirus programs allowed an unsettling 15.2% of malware slip through their detection.

Real-time protection is also rarely an option when you are not paying for your antivirus software. You may be protected from common viruses attacking your computer, but many new, more highly sophisticated viruses could easily get away with infecting your PC and stealing your personal information before being detected.

Annoying Advertisements

The last thing you want when trying to rid your computer of malware is intrusive and annoying adware.
Many antivirus companies partner with advertisers so they can make money off their free products. Free antivirus utilities commonly hijack your browser, homepage, toolbars, and search engine. This generates more revenue for them and more trouble for you.

Free antivirus solutions rarely detect or stop unwanted adware. These programs often seem helpful and legitimate – advertised as being used for couponing, finding lyrics to your favorite songs, or even checking the weather.

But these programs gain an alarmingly elevated level of access to your computer. They leave your computer extremely vulnerable to malicious attacks.

Adware such as this results in even more pop-ups, advertisements, and even spam emails. Stuff you’re trying to prevent in the first place!

Something else to think about …

Why do all the free antivirus programs bombard you with ads to upgrade to their paid version? Even they know the paid version is more effective.

Unwanted Utilities

One of the more annoying and potentially dangerous aspects of free antivirus programs are the extra “features” that come bundled with them.

Free antivirus solutions are often bundled with a plethora of other largely useless and problem-causing utilities.

Some contain a bundled proprietary search engine or homepage. But these are a mere rebranding of Ask, Yahoo, or Bing search engines.

If you wish to use one of these search engines, you’re better off going to the legitimate website.

Some antivirus programs also attempt to redirect your web browsing through their servers promoting added protection. Ironically, this often results in security holes due to poor product development, leaving you even more vulnerable to outside attacks than before.

Buyer Beware

While a “free” virus program may be enticing to you, they are often littered with too many downfalls to be a truly good value.

Computer professionals who recommend you use a free antivirus program are doing you a major disservice. They often make more money off cleaning the virus infections and fixing other problems caused by the free programs than they do by offering you a highly effective paid antivirus software.

So what should you do?

Paid antivirus protection costs far less than you would expect. Premium antivirus software is the best option for your computer’s security and for your pocketbook.

If you absolutely cannot or simply refuse to pay for your antivirus protection, you should be extremely confident in your ability to safely navigate the web and steer clear of any and every suspicious website, email, or pop-up.

Posted on

You Can Avoid Becoming A Victim

Fraud

“Hi, Scott. I need to give you my new credit card information. My old card got hacked, so the bank sent me a new one.”

I receive calls like this almost every week from clients who have recurring transactions set up with us.

Scams, fraud and identity theft are on the rise. A sad reality of the 21st century.

Did you know …

  • 13.1 million U.S. consumers lost almost $15 billion because of identity theft in 2015, according to a Javelin Strategy and Research study conducted last year?
  • credit card fraud could jump from $4 billion to $10 billion by 2020, according to a February 2016 CNBC report?

All this is despite the advances in new security features, like the EMV chips in debit and credit cards.

If you haven’t been the victim of a computer scam, fraudulent bank or credit card use, or identity theft, you probably know someone who has. The negative effects cause incredible frustration, cost hours of lost time, and results in the loss of hundreds or even thousands of dollars.

Becoming aware of how scammers, cybercriminals, and identity thieves work and knowing how you can protect yourself is critical in this age.

In honor of National Consumer Protection Week, March 5 through 11, I’d like to provide you with this information. But I would need considerably more space than what I’m graciously given here in this column.

So I’ve created a new three-part video series where I share practical and little-known consumer safety tips.

These tips provide you the knowledge you need to be a smart consumer, even when scammers catch you off guard. Armed with this information, you’ll avoid falling victim to scams, identity theft, and fraud.

Common Computer Scams
In the first video, I’ll teach you how to quickly and easily identify the three most common computer scams. Some are blatantly obvious, yet many people fall hook-line-and-sinker for them. After watching this video, you won’t be one of those people.

How Identity Thieves Work
In the second video, I’ll describe some of the sneaky ways identity thieves steal your personal information. It’s not just through your computer, either. You’ll be surprised at how easy it is for these criminals to go undetected and how at-risk your privacy is.

How to Protect Yourself
In the final video, I’ll give you 10 specific actions you must take to protect yourself – in both the physical and digital worlds. You’ll be given the steps, resources, and tools necessary to keep your personal and financial information as secure as possible.

You can sign up to view the videos for free at on the home page of this website – www.calibreforhome.com.

I promise I’m not going to try to sell you anything, and I won’t be filling your email inbox with useless junk messages.

I simply want to help combat the growing trend of fraud and identity theft. The best way for me to do that is by sharing with you what I’ve learned as I deal with it on a daily basis.

Posted on

Beware the Fake Windows Support Scam

It was early Monday afternoon when Larry’s phone rang. “Hello,” he greeted the caller, expecting it to be a friend or family member.

“Hi. I’m calling from Windows technical support. We have detected a problem with your computer,” the caller proclaimed in an almost unintelligible accent. “I need to log in to your computer to check to see what is causing the problem.”

Suspecting something to be fishy about this, Larry told the caller he should call back in an hour. Then Larry immediately called me to inquire if this was legitimate.

This type of scam has been around for years, but is still going quite strong. Callers – often from foreign countries – pose as computer support technicians from companies like Microsoft, Norton, and other well-known computer industry names. They try to convince the victim that their computer is running slow, is infected, or has problems that they need to check out.

To make you “believe” what they are saying, they instruct you to go to your computer, pull up the Windows Event Log and observe various warnings and errors appearing there. Although most of these entries are no cause for alarm, these scammers adamantly assert these are problems that must be fixed immediately – for a cost!

They then ask you to provide credit card information either over the phone or via a web site to pay for the service. Once they receive confirmation of the payment, the scammer then asks you to download software that allows them to access your computer over the Internet, which allows them to make changes and install software.

Unsuspecting computer users who fall for this scam suffer several problems. First, they pay an exorbitant amount of money for unneeded “repairs.” Second, their computer becomes loaded with useless and often-times virus-infected software. Third, they may become the victim of identity theft.

What should you do when you get one of the calls? Hang up! Don’t waste your time talking to them. Definitely do NOT perform any actions they ask you to take on your computer.

Be warned, though, that some of these scammers are very persistent. People have reported receiving numerous calls, even after explicitly telling the scammer to not call back.

Larry asked a really good question when he called me: “How do I know if something like this is real or fake?”

You should only consider phone calls from companies that you personally know, trust, and do business with to be legitimate. Although Microsoft is the maker of the Windows operating system on your computer, you don’t actually do business with them. So they will never call you to tell you there is a problem with your computer.

Your Internet Service Provider or your local computer repair company are probably the only two who might call you to let you know about an issue with your computer.

Even then, if you do get a phone call from someone purporting to be them, don’t immediately follow their instructions. Look up the phone number for that company and call them back yourself to inquire if they called you about a problem (don’t ask the caller for their number).

Another tell-tale sign of most scammer calls is if the person calling has a foreign accent. Most of the trusted companies you do business with have employees who speak the English language very well and without a noticeably foreign accent.

Phone scams have been around for a long time and promise to be a nuisance well into the future. Play it safe. If it doesn’t sound right, it probably isn’t. Hang up and call a computer support professional you know and trust. You’ll save yourself a lot of frustration and problems.

Posted on

Has Your Login Information Been Compromised?

Do you have a Yahoo, Hotmail or Gmail email account?

If so, your email address and password could be in the hands of Russian hackers.  They’re sharing this information with others – either for a price or “street cred” on social media.

Earlier this month, a security firm in Wisconsin convinced a Russian hacker to give them a database containing 272 million email addresses and passwords.

It appears the breach mainly targeted Russian users, but because nearly one-third of the email addresses were Gmail, Hotmail and Yahoo accounts, American users could also be affected.

Interestingly, these compromised emails and passwords didn’t come from hackers breaking into Gmail, Hotmail or Yahoo databases.

Rather, the information was stolen from smaller, less secure websites where people use their email address and passwords to log in.

 

Are You A Victim?

Unfortunately, there’s no way for you to know whether your email address or password appears in the latest database, according to Alex Holden, founder of Hold Security, the Wisconsin firm that acquired the information.

But you can check to see if your login credentials may have been breached on other websites, including Adobe, Comcast, Snapchat, Domino’s Pizza, and others.

Simply go to www.haveibeenpwned.com and type in your email address.  (Yes, that’s a P instead of an O in the web address.  Pwned is gamer slang for “owned.”)

 

Protect Yourself

  1. Immediately change your password on your Gmail, Hotmail and Yahoo accounts.  Even if you don’t believe they’ve been breached.
  2. NEVER, ever use the same password for more than one website.

    In today’s increasingly vulnerable online world, the security of your personal information and identity is more important than convenience.  Using the same passwords across multiple websites gives criminals unfettered access to everything they need to steal your identity and your money.  It can take YEARS to clean up the damage.  But only takes SECONDS to prevent it.

  3. Use a secure online service to keep track of all your passwords.

    Creating unique passwords for each website is easy.  Remembering them – not so much.

    But services like LastPass (www.lastpass.com) and Roboform (www.roboform.com) allow you to store all your login information in one easy-to-use, secure location accessible from all your computers, smartphones, and tablets.

    These services can also generate impossible-to-crack passwords for you.

Posted on

Prevent Hackers From Stealing Your Tax Refund

Tax Return

It’s early on a Friday evening.  You happily bounded home from work, took your family out for a nice dinner, and sent the kids off to the high school basketball game.

You sit down at your computer, surrounded by the neat stacks of paper you carefully gathered throughout the week.  It’s time to file your taxes.

You’re pretty excited because you’ve already guesstimated a decent refund.  One that will pay for an enjoyable weeklong vacation on the beach this summer.

After about two hours answering questions and confirming your entries, you click the “File My Returns” button.  “Soon,” you smile to yourself, “my bank account will be a little fatter.”  Then you scurry off to watch TV.

Monday evening you check your email.  To your horror, the subject lines declares your tax return was rejected.

Curiosity and anger fill your mind as you carefully read the message.  The IRS says your tax return had already been filed and a refund deposited into your bank account.

Reality sets in:  your long-awaited tax refund has been stolen.

In 2013, nearly $6.5 billion in tax refunds were fraudulently paid out by the IRS.  Experts expect that number to grow to nearly $21 billion this year.

So how can you prevent cybercriminals from stealing money the government needs to return to you?  (After all, a tax refund is an interest-free loan you’ve made to the government by overpaying your taxes throughout the year.)

Protect your SSN

Your name and Social Security number are the only two items a thief needs to claim your refund.

This makes safeguarding your Social Security number so critically important.  You can do this by:

  1. Never carrying your Social Security card or any other document containing it on your physical person.
  2. Only giving out your Social Security number when it’s absolutely required. See this online article for information on who can lawfully request your Social Security Number: http://www.identityhawk.com/Who-Can-Lawfully-Request-My-Social-Security-Number.

Obtain An IRS IP PIN

Despite the obvious flaws in the government’s fraud-prevention systems, the IRS does provide certain individuals the ability to obtain an Identity Protection PIN.

This PIN is a six-digit number assigned to you that prevents someone else from using your Social Security number to file a federal tax return.  Note that it has no effect on state tax returns.

You’re eligible for an IRS Identity Protection PIN if you have been the victim of identity theft.  You can also obtain a PIN if the IRS mailed you a letter stating you can obtain one or if you filed your last year’s federal tax return with a Florida, Georgia or Washington, D.C. address.

 

File Your Taxes ASAP

The sooner you take the time to file your taxes, the less opportunity you give cybercriminals to file your taxes for you – and getting paid handsomely to do it!

Identity theft and the crimes committed as its result are an unfortunate, yet common, part of the online world in which we live.  I encourage you to be vigilant and to take the precautionary measures necessary to protect your personal information.