Questions? Call us at
(833) 690-6121
Blog
Small Business

Cybersecurity for Small Business Owners

May 31, 2018
3 min read
Share this post
Small business owner typing on a laptop

Cybersecurity for small business during tax season

Small business identity theft is a year-round concern, but with income tax filing season, specific risks are more likely to occur. The IRS reports that there has been an increase in identity thefts. In particular, scammers are increasingly trying to gain access to a company’s W-2 information. The scammers generally go after employees in HR and Payroll, but any staff member or manager may be targeted.

One common method of illegally obtaining a company’s W-2 information involves the scammer sending an email while posing as a company executive, requesting a list of employees and their W-2s from an email address that looks legitimate at a quick glance.

Taxpayers may also receive emails that look like they’re from the IRS but are actually phishing attempts aimed at implanting harmful software into your computer or server. These phishing attempts are also directed at accountants and tax professionals. Always remember that the IRS sends letters by U.S. mail and does not initiate contact with taxpayers by email, text messages or social media.

For information on how to protect yourself, your business, and your clients from identity theft during tax season, the IRS offers up-to-date resources on data theft and scam alerts. The IRS also encourages companies to report the W-2 scam emails by filling out Form W-2/SSN Data Theft: Information for Businesses and Payroll Service Providers.

Protect your business from the dark web

These are some tips:

  1. Install cybersecurity software on all computers and mobile devices
  2. Install a remote computer backup—in the event of a cyberattack, your remote system backup will allow you to recover quickly
  3. Regularly test your data security systems and procedures
  4. Encrypt sensitive data, enable two-factor authentication, and train staff to spot "phishy" emails and other common scam tactics
  5. Develop a data breach response plan, including how you will notify staff and clients

Why do these tips matter? As a small business owner, you’re certainly familiar with identity theft, but you may not be familiar with the dark web, an online market where identity theft professionals buy and sell your stolen information.

Places on the internet not identified by traditional search engines are the perfect place for cybercriminals to barter your stolen account information, credentials, documents and other personal information. A synthetic identity, in which both real and fictitious information is merged to create a new identity, may also be found in this marketplace. Some Dark Web businesses even offer customer service functions, including card support and refunds.

While the range of purposes that your private information can be used for is only limited by the criminal imagination, it generally includes obtaining lines of credit, mortgages, loans, and tax refunds.

For example, a stolen user name and password from one credit card can be used to open several accounts, including banking and e-commerce. If you use the same user name and passwords for multiple business services, a cybercriminal will be able to break into several accounts that you hold across various financial and business-related horizons. If this happens, you may have to deal with multiple compromises of both your personal and business-related data and private information.

Bottom line

Although the media focus on data breaches where large companies experience millions of compromised accounts may cause you to assume that your business is too small to attract thieves, small business owners should know that identity thieves target the most vulnerable—not necessarily the biggest—companies. This increased cyber threat means that you need to take strategic steps to reduce the risk for your small business.

LegalShield provides access to legal services offered by a network of provider law firms to LegalShield Members through member-based participation. Neither LegalShield nor its officers, employees or sales associates directly or indirectly provide legal services, representation or advice. See a plan contract at legalshield.com for specific state of residence for complete terms, coverage, amounts, and conditions. This is not intended to be legal or medical advice. Please contact a medical professional for medical advice or assistance and an attorney for legal advice or assistance.

Share this post
Taxes
Identity Theft
No items found.

LegalShield is a trademark of Pre-Paid Legal Services, Inc. (“LegalShield”). LegalShield provides this blog as a public service and for general information only. The information made available in this blog is meant to provide general information and is not intended to provide legal advice, render an opinion, or provide a recommendation as to a specific matter. The blog post is not a substitute for competent legal counsel from a licensed professional lawyer in the state or province where your legal issues exist, and you should seek legal counsel for your specific legal matter. All information by authors is accepted in good faith. However, LegalShield makes no representation or warranty of any kind, express or implied, regarding the accuracy, adequacy, validity, reliability, availability, or completeness of such information. The materials contained herein are not regularly updated and may not reflect the most current legal information. No person should either act or refrain from acting on the basis of anything contained on this website. Nothing on this blog is meant to, or does, create an attorney-client relationship with any reader or user. An attorney-client relationship may be formed only after the execution of an engagement letter with an attorney and after that attorney has confirmed that no conflicts of interest exist. Nothing on this website, or information contained or transmitted by this website, is intended to be an advertisement or solicitation. Information contained in the blog may be provided by authors who could be a third-party paid contributor. LegalShield provides access to legal services offered by a network of provider law firms to LegalShield members through membership-based participation. LegalShield is not a law firm, and its officers, employees or sales associates do not directly or indirectly provide legal services, representation, or advice.

Related posts

Colleagues Watching Something On Laptop While At The Office
Small Business
4 min read

4 Tips to Avoid Layoffs for Small Businesses

Worried about layoffs? Discover four smart ways small businesses can cut costs, boost efficiency, and keep their teams intact during tough times.
Mature entrepreneur writing notes in his workshop
Small Business
8 min read

Your Small Business New Year Wellness Check

Start the year with a 6-step small business checkup: review results, set goals, update plans and finances, refresh marketing, upgrade tools.
Man holding up a temporarily closed sign in his business window
Small Business
10 min read

Disaster Recovery Guide for Small Business

Learn how to build a small business disaster recovery plan that protects operations, reduces downtime, and keeps your business running.