Cyber SecurityWhat Is Tax-Related Identity Theft?

Fraudulent tax refunds issued as a result of identity theft occur when an individual steals a victim’s personally identifiable information (PII), such as a Social Security number (SSN), and files a tax return claiming to be the victim. More than 89,000 Americans filed complaints with the Federal Trade Commission (FTC) reporting tax fraud linked to identity theft in 2020. Similarly, businesses may also fall victim to tax fraud, where an individual steals a business’s employer identification number (EIN) to file fraudulent returns. In both scenarios, the victims usually discover they have fallen victim to such fraud when their tax returns are rejected, or when the business receives notice about Forms W-2 they didn’t file with the Social Security Administration or notices for balances due to the Internal Revenue Service (IRS) that are not owed. Most frequently, neither businesses nor individuals will have any reliable information as to how their information has been exposed. The IRS has noted such tax fraud tends to increase during tax season and time of crisis, and cybercriminals have undeniably taken advantage of the COVID-19 pandemic to unleash an unprecedented number of tax fraud schemes to steal information from taxpayers.
Continue Reading Best Practices to Avoid Tax-Related Identity Theft

Digital LockThe SEC’s Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert related to Ransomware on July 10, 2020. In the publication, Cybersecurity: Ransomware Alert, OCIE alerts companies to the increase in sophisticated campaigns orchestrated to invade financial institution networks in order to obtain confidential information and plant ransomware. The attacks generally involve perpetrators using “phishing and other campaigns designed to penetrate financial institution networks … to access internal resources and deploy ransomware.” Once the ransomware is deployed, institutions typically lose control of the ability to use and maintain the integrity of their systems and data until they pay a ransom to the attackers.
Continue Reading OCIE’s Guidance on Ransomware Attacks