Added Schultz, “Clients should never send tax or personal or financial information by standard email. Always take advantage of secure file-sharing applications provided by preparers.”
Garret Wagner, a CPA and founder and CEO of the C3 Evolution Group in Rochester, N.Y., recently got three emails in a day from clients who’d been compromised by hackers. “For any high-net-worth client, you need to have your basics covered,” he said. “Complex passwords and multifactor authentication are not optional.”
With multifactor authentication, returning users need to enter a username and password credentials with another data point that only they know, such as a code sent to a mobile phone. Multifactor authentication is one recommendation from Security Summit partners, a tech-security collaboration of the IRS, state tax agencies and the private tax community. According to the Summit, preparers should use anti-malware and anti-virus software on all devices, encrypt sensitive files and emails and back up sensitive data to a safe external source, among other measures.