Social Media Security Tips

Social networking sites build upon the concept of traditional social networks where you are connected to new people through people you already know. The purpose of some networking sites may be purely social, allowing users to establish friendships or romantic relationships, while others may focus on establishing business connections.

Social networking sites rely on connections and communication, so they encourage you to provide a certain amount of personal information. When deciding how much information to reveal, people may not exercise the same amount of caution as they would when meeting someone in person because

  • the internet provides a sense of anonymity
  • the lack of physical interaction provides a false sense of security
  • they tailor the information for their friends to read, forgetting that others may see it
  • they want to offer insights to impress potential friends or associates

While the majority of people using these sites do not pose a threat, malicious people may be drawn to them because of the accessibility and amount of personal information that’s available. The more information malicious people have about you, the easier it is for them to take advantage of you. Predators may form relationships online and then convince unsuspecting individuals to meet them in person. That could lead to a dangerous situation. The personal information can also be used to conduct a social engineering attack. Using information that you provide about your location, hobbies,

  • Limit the amount of personal information you post – Do not post information that would make you vulnerable, such as your address or information about your schedule or routine. If your connections post information about you, make sure the combined information is not more than you would be comfortable with strangers knowing. Also be considerate when posting information, including photos, about your connections.
  • Remember that the internet is a public resource – Only post information you are comfortable with anyone seeing. This includes information and photos in your profile and in blogs and other forums. Also, once you post information online, you can’t retract it. Even if you remove the information from a site, saved or cached versions may still exist on other people’s machines.
  • Be wary of strangers – The internet makes it easy for people to misrepresent their identities and motives. Consider limiting the people who are allowed to contact you on these sites. If you interact with people you do not know, be cautious about the amount of information you reveal or agreeing to meet them in person.
  • Be skeptical – Don’t believe everything you read online. People may post false or misleading information about various topics, including their own identities. This is not necessarily done with malicious intent; it could be unintentional, an exaggeration, or a joke. Take appropriate precautions, though, and try to verify the authenticity of any information before taking any action.
  • Evaluate your settings – Take advantage of a site’s privacy settings. The default settings for some sites may allow anyone to see your profile. You can customize your settings to restrict access to only certain people. However, there is a risk that even this private information could be exposed, so don’t post anything that you wouldn’t want the public to see. Also, be cautious when deciding which applications to enable, and check your settings to see what information the applications will be able to access.
  • Use strong passwords – Protect your account with passwords that cannot easily be guessed. If your password is compromised, someone else may be able to access your account and pretend to be you.
  • Check privacy policies – Some sites may share information such as email addresses or user preferences with other companies. This may lead to an increase in spam. Also, try to locate the policy for handling referrals to make sure that you do not unintentionally sign your friends up for spam. Some sites will continue to send email messages to anyone you refer until they join.
  • Use and maintain anti-virus software – Anti-virus software recognizes most known viruses and protects your computer against them, so you may be able to detect and remove the virus before it can do any damage. Because attackers are continually writing new viruses, it is important to keep your definitions up to date.

Source:  US Computer Readiness Team, https://www.us-cert.gov

About Afinety:  IT services for law firms provided throughout California and beyond, including Orange County, Los Angeles, San Diego, the Bay Area and Las Vegas.  Cloud services and document management for law firms throughout the nation.

IRS Tax Tip: Perform a Deep Security Scan of Your Computer Drives

2016 IRS Tax Tips

The Internal Revenue Service urges all tax return preparers to get off to a clean start and perform a security deep scan of their computer drives and devices.

Already in 2016, the IRS is seeing multiple email phishing scams – some posing as the IRS – targeting tax preparers. These scams are designed to steal sensitive information – either the preparers’ passwords for IRS accounts or sensitive taxpayer data stored on computers.

The IRS has teamed up with state revenue departments and the tax industry to make sure you understand the dangers to your personal and financial data. Taxes. Security. Together. We all have a role to play.

What should you do?  The IRS recommends all tax return preparers take the following steps immediately:

  1. Ensure that you and your employees have robust security software that helps block malware and viruses and that it remains turn on and active at all times.
  2. Use the “deep scan” function to fully scour all computer drives and files for any malware or viruses. These bugs can hide in places that a “quick scan” does not search. Perform a deep scan periodically.
  3. Ensure that your security software updates automatically so that it is always up-to-date and on-guard against new and emerging malware and viruses.
  4. Review the security plan for your office and operations. If you do not have a security plan, review a checklist suggested by Publication 4557, Safeguarding Taxpayer Data.
  5. Educate your employees about the dangers of phishing, malware, emails and other scams that could lead to malware/virus infections. One phishing email can result in all office computers being hacked for sensitive data.

Ensuring that your computer is free of malware/viruses will help prevent the spread of infections during the filing season when you are in contact with clients and others.

The IRS, states and tax industry have issued a series of Security Awareness Tax Tips for taxpayers. They also urge all tax preparers to share security awareness tips with taxpayers throughout the filing season. Preparers can print and share Publication 4524, Security Awareness for Taxpayers, to help clients take additional steps to protect their personal, financial and tax data online and at home.

For the full article and more IRS security tips, visit www.irs.gov/uac/IRS-Security-Awareness-Tax-Tips

For more information about identity theft and what you can do to help combat it, visit www.irs.gov/identitytheft