The Department does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media.
Four Ways to Keep Yourself Cyber Safe:
- Turn on multi-factor authentication - Any two of the following:
- Something you know: a pin or password
- Something you have: authentication application or confirmation via text message
- Something you are: fingerprint or FaceID
- Update your software, and turn on automatic software updates if available
- Think before you click
- Use strong passwords
- Long - 15+ characters
- Unique - never used anywhere else
- Randomly generated - usually by a computer or password manager
Make sure you're not recycling the same password across all of your apps and websites.
Emails and Text Messages - Best Practices
Understand the signs of a phishing email attempt:
- Does it contain an offer that’s too good to be true?
- Does it include language that’s urgent, alarming, or threatening?
- Is it poorly crafted writing, riddled with misspellings and bad grammar?
- Is the greeting ambiguous or very generic?
- Does it include requests to send personal information?
- Does it stress an urgency to click on an unfamiliar hyperlink or attachment?
- Is it a strange or abrupt business request?
What do I do if I receive or click on a suspicious email or text message?
- If you know it is a phishing/spam email or text message, report phishing/spam and then delete the message
- If you believe you clicked on a suspicious attachment or link, change your passwords immediately
Phone Calls - Best Practices
If you believe a phone call is fraudulent, you can do the following: