Are you planning on filing your last-minute tax returns electronically? Make sure that a crook isn't secretly looking over your shoulder while you're online. "The bad guys are always surfing for mistakes," says Fred Touchette, senior security analyst for AppRiver, an Internet security company. "The weakest link in computer security is usually the individual user."
The IRS has been steering more taxpayers toward electronic filing, which is not only cheaper and more efficient, but also less error-prone. The software programs make accurate calculations, prompt you to add missing information, suggest possible deductions, and can catch mistakes. They help speed your refunds, too.
Last year, 70 percent of all individual tax return were filed electronically. An even higher percentage is expected this year. If you're joining the crowd this week, here's how to keep your data super-secure:
1. Sweep your computer with an anti-virus, anti-malware program before transmitting any financial information. Do it not only prior to filing your taxes but also before applying for mortgages or credit cards online, or checking your online bank account. Any malware allowed to lurk in your machine could grab your passwords and other data. They'd be sold to scammers who could then drill into your bank, investment, and credit accounts.
2. Don't file your tax returns or manage your bank account from your child's computer. Kids can be careless -- opening unidentified music or video attachments, clicking on links in scam emails, or browsing unsecured sites online. Their machines are especially apt to be buggy.
3. Don't file returns from a coffee bar, airport, hotel, or other WiFi hot spot. Unless your computer is well-protected with a firewall, e-thieves can sneak in the moment you log on. If you then open a tax program, you'll instantly hand them your name, address, and Social Security number.
4. Log out of tax-filing or online-banking sessions as soon as you're finished. If you leave them open for a while, your session could be hijacked by a bandit bit of code. Once crooks seize control of your open connection, they can manipulate your account undetected -- writing checks to themselves or redirecting your tax refund to their own bank account. If you step away from the computer, or pause to handle a phone call or email, always turn the session off.
5. Consider encrypting the information you send over the Web. All businesses should do so, including small businesses. It's simple for individuals to do the same. You simply buy an encryption program and run your messages through it. Recipients of your email can open them normally.
6. Delete, instantly, emails that appear to come from the IRS. The IRS does not initiate email conversations or use the Web to ask for detailed personal information. If a government agent wants something, you'll get one of those intimidating white envelopes with heavy black lettering in the upper left-hand corner.
Fake IRS emails, from scammers, might say that your tax return is amiss, or a refund check was undeliverable, or that you need to "click here" to get your refund expedited. Even if you do no more than open the notice and then close it, a virus might have slipped into your computer and started sucking information out. You're just asking for trouble if you click on links or attachments, or enter your Social Security number, a PIN, password, or bank-account number.
7. Don't give out any personal financial information unless you have logged into the banking or tax site directly. If you get an email saying that your bank needs more information, enter the bank's URL into your computer's address bar yourself, to see what's up. Or call the bank directly. The same is true of emails that appear to come from stores where you have accounts, if they ask for personal information. You could even be scammed by false emails that appear to come from colleges that you've applied to. A recent, massive security breach at a database company called Epsilon lifted names and email addresses from people who used services from The College Board, as well as customers of stores and banks.
8. Update your security programs, web browsers, and third-party programs regularly, says Adam Levin, co-founder of IdentityTheft911, which helps companies manage the aftermath of data break-ins. The updates contain new security patches to fix vulnerabilities that hackers might have discovered.
9. Don't hesitate to e-file your tax returns, once you've taken the precautions. If you're reporting an adjusted gross income of $58,000 or less for 2010 (individually or jointly), you're eligible for free tax-filing software through the IRS's FreeFile site. You can choose among 17 companies offering the secure service, some of which do state returns, too (although state returns might carry a fee). The IRS also offers the equivalent of paper tax forms online, to taxpayers regardless of income, at FreeFileFillableForms.
10. E-filing can protect your refunds, too. Have them deposited directly into your bank account.
More on MoneyWatch: