Small Business


Intellectual Property

*Supplements for specific legal matters can be added at any time when you choose the monthly subscription option only. Supplements are not available on the annual subscription option at this time.

Monthly and annual membership fees paid for the current membership period are non-refundable and the contract remains active until the end of the Eligibility Period.

Affordable Legal Help For Everyday IssuesInfo icon

 May 31, 2018

Cybersecurity for Small Business Owners

Small business owner typing on a laptop

Cybersecurity for Small Business during Tax Season

Small business identity theft is a year-round concern, but with income tax filing season, specific risks are more likely to occur.

The IRS reports that there has been an increase in identity thefts. In particular, scammers are increasingly trying to gain access to a company’s W-2 information. The scammers generally go after employees in HR and Payroll, but any staff member or manager may be targeted.

One common method of illegally obtaining a company’s W-2 information involves the scammer sending an email while posing as a company executive, requesting a list of employees and their W-2s from an email address that looks legitimate at a quick glance. Taxpayers may also receive emails that look like they’re from the IRS but are actually phishing attempts aimed at implanting harmful software into your computer or server. These phishing attempts are also directed at accountants and tax professionals.

Always remember that the IRS sends letters by U.S. mail and does not initiate contact with taxpayers by email, text messages or social media.

For information on how to protect yourself, your business, and your clients from identity theft during tax season, the IRS offers up-to-date resources on data theft and scam alerts. The IRS also encourages companies to report the W-2 scam emails by filling out Form W-2/SSN Data Theft: Information for Businesses and Payroll Service Providers.

Protect Your Business from the Dark Web

These are some tips:

  1. Install cybersecurity software on all computers and mobile devices
  2. Install a remote computer backup – in the event of a cyberattack, your remote system backup will allow you to recover quickly
  3. Regularly test your data security systems and procedures
  4. Encrypt sensitive data, enable two-factor authentication, and train staff to spot “phishy” emails and other common scam tactics
  5. Develop a data breach response plan, including how you will notify staff and clients

Why do these tips matter? As a small business owner, you’re certainly familiar with identity theft, but you may not be familiar with the Dark Web, an online market where identity theft professionals buy and sell your stolen information.

Places on the internet not identified by traditional search engines are the perfect place for cybercriminals to barter your stolen account information, credentials, documents and other personal information. A synthetic identity, in which both real and fictitious information is merged to create a new identity, may also be found in this marketplace. Some Dark Web businesses even offer customer service functions, including card support and refunds.

While the range of purposes that your private information can be used for is only limited by the criminal imagination, it generally includes obtaining lines of credit, mortgages, loans, and tax refunds.

For example, a stolen user name and password from one credit card can be used to open several accounts, including banking and e-commerce.

If you use the same user name and passwords for multiple business services, a cybercriminal will be able to break into several accounts that you hold across various financial and business-related horizons. If this happens, you may have to deal with multiple compromises of both your personal and business-related data and private information.

Bottom Line

Although the media focus on data breaches where large companies experience millions of compromised accounts may cause you to assume that your business is too small to attract thieves, small business owners should know that identity thieves target the most vulnerable—not necessarily the biggest—companies.

This increased cyber threat means that you need to take strategic steps to reduce the risk for your small business.

LegalShield provides access to legal services offered by a network of provider law firms to LegalShield Members through member-based participation. Neither LegalShield nor its officers, employees or sales associates directly or indirectly provide legal services, representation or advice. See a plan contract at for specific state of residence for complete terms, coverage, amounts, and conditions. This is not intended to be legal or medical advice. Please contact a medical professional for medical advice or assistance and an attorney for legal advice or assistance.

Related Content

A small business owner stressed while filing his business taxes

How to File Your Own Small Business Taxes

Filing taxes as a small business You are a hard-working business owner. You probably have deadlines to meet, employees to work with, rent to pay, and a hundred other things to think about on a daily basis. Tax season can creep up on even the most detailed business...

Smiling man working and talking on a cell phone in a casual workspace.

Does an Operating Agreement Need to be Notarized?

An operating agreement, one of an LLC’s (limited liability company) most important legal documents, should be one of the first documents you create when you form your LLC. So, does an operating agreement need to be notarized? Drumroll please . . . the answer is: no!...