Building Trust 24 February 2016

Trust and Taxes

By Internet SocietyGuest Author

Tax season.  It’s that time again for taxpayers and cybercriminals. While earners work to complete their 1040s, criminals tune their tax fraud campaigns with increased sophistication. Reputable companies are being victimized, tarnishing their brands and impacting their business models, employees and shareholders.  In today’s world knowing who you can trust is crucial to navigating the tax season — but sadly, many companies are failing security fundamentals, consumer protection and responsible privacy practices.

The Online Trust Alliance evaluated privacy, consumer protection and security practices of the 13 “Free File Allianc”e web-based e-filing services noted on the IRS website for taxpayer use in the 2016 IRS Free e-File Audit and Honor Roll. Hat’s off to the Honor Roll recipients who demonstrate leadership when it comes to consumer protection, security and privacy for the highly sensitive information used in tax filing.

Shockingly, however, 46% of IRS listed services failed the audit.  In particular, they failed due to poor site security and not taking steps to help protect consumers from fraudulent and malicious email – one of the criminal set’s favorite attack vectors at tax time.  The audit is based on OTA’s widely recognized industry-developed methodology which has been used in its annual Honor Roll analysis for over eight years. The metrics are reviewed, vetted and updated annually.  Beyond OTA’s metrics, this analysis also checked against the IRS’s own security and privacy mandated standards; one company is currently out of compliance on this front as well.

That so many IRS-approved e-filing sites fall so far short is more than disappointing, it is disturbing.  The history of Honor Roll analysis shows that all the current best practices OTA recommends are readily implementable for companies of every size.  That these e-file services fail to employ commonly used security standards and best practice protections highlights the need for all companies to review the basics.  Further, it’s concerning that the IRS – which should be a source of trustworthy consumer advice – provides links to these sites as authorized e-file partners. OTA urges additional oversight for all e-file sites to maximize consumer protection.

Stay safe this tax season.  Beyond confirming the trustworthiness of any service you use, follow OTA’s tip checklists for Consumers and Businesses & Tax Professionals to protect your sensitive information and arm yourself with knowledge against fraud or attack.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Building Trust 21 February 2020

NDSS 2020: The Best in Security Research – For the Good of the Internet

On 23 February, the 27th consecutive Network and Distributed System Security Symposium (NDSS) kicks off in San Diego, CA....

Building Trust 11 February 2020

Every Day Should Be Safer Internet Day

Safer Internet Day is an opportunity for people and organizations around the world to join forces in a series...

Building Trust 28 January 2020

This Data Privacy Day It’s the Little Things That Count

Today we’re celebrating Data Privacy Day, which is all about empowering people and organizations to respect privacy, safeguard data,...