FORM CRS & ADV 2A
MEET WITH AN ADVISOR
Life Event Advice

Tax Refund Scams

By
June Adams
January 31, 2022
Share on:

Tax-related fraud and identity theft have continued to grow, with millions of people becoming targets. Scammers need little more than your Social Security number and other general information to file a fraudulent tax return and hijack your tax refund. Taxpayers typically don’t discover the fraud until they attempt to file their own returns, which is why it's essential to file taxes as soon as possible. At the same time, you may want to confirm the appropriate timing with your tax professional. Although 1099s are due by the end of January, custodians may correct 1099s throughout February. If drastic changes happen to a 1099 after you file your taxes, the change can severely impact the amount you owe.

 

Here are some helpful ways to prevent your SSN from being compromised:

  • If you have been a victim of identity theft, complete  IRS form 14039, identity theft affidavit.
  • Respond immediately to any IRS issued notice once you verify the authenticity of the notice. You can do so by calling the IRS directly at 800-908-4490 or setting up your  online account.
  • Get an Identity Protection PIN: a 6-digit number that prevents someone else from filing a tax return using your Social Security number or individual taxpayer identification number. Only you and the IRS know the IP PIN.

You may also like:

Life Planning Advice

The Importance of Password Security

By
June Adams
May 10, 2021

Weak passwords can compromise the best security tools and controls. With a never-ending list of applications and services that users and consumers access, people may have dozens of passwords to maintain at any given time. Often, the temptation to use familiar terms such as pet names, favorite teams or the names of children or friends can cause risk since much of those details can be discovered by a simple examination of social media.

Creating strong passwords offers greater security for minimal effort. Weak passwords can compromise the best security tools and controls. With a never-ending list of applications and services that users and consumers access, people may have dozens of passwords to maintain at any given time. Often, the temptation to use familiar terms such as pet names, favorite teams or the names of children or friends can
cause risk since much of those details can be discovered by a simple examination of social media.

Under Lock and Key
You can buy a small padlock for less than a dollar—but you should not count on it to protect anything of value. A thief could probably pick a cheap lock without much effort, or simply break it. And yet, many people use similarly flimsy passwords to “lock up” their most valuable assets, including money and confidential information. Fortunately, everyone can learn how to make and manage stronger passwords. It is an easy way to strengthen security both at work and at home.

What Makes a Password ‘Strong’?
Let’s say you need to create a new password that’s at least 12 characters long, and includes numerals, symbols, and upper- and lowercase letters. You think of a word you can remember, capitalize the first
letter, add a digit, and end with an exclamation point. The result: Strawberry1!

Unfortunately, hackers have sophisticated password-breaking tools that can easily defeat passwords based on dictionary words (like “strawberry”) and common patterns, such as capitalizing the first letter.
Increasing a password’s complexity, randomness, and length can make it more resistant to hackers’ tools. For example, an eight-character password could be guessed by an attacker in less than a day, but a 12-character password would take two weeks. A 20-character password would take 21 centuries. You can learn more about creating strong passwords in your organization’s security awareness training. Your organization may also have guidelines or a password policy in place.

Why Uniqueness Matters
Many people reuse passwords across multiple accounts, and attackers take advantage of this risky behavior. If an attacker obtains one password—even a strong one—they can often use it to access other valuable accounts.

Here is a real-life example: Ten years ago, Alice joined an online gardening forum. She also created an online payment account and used the same password. She soon forgot about the gardening forum, but someone accessed her payments account years later and stole a large sum of money.

Alice did not realize the gardening forum had been hacked, and that users’ login credentials had been
leaked online. An attacker probably tried reusing Alice’s leaked password on popular sites—and
eventually got lucky.

Guarding Your Passwords & PINS. Passwords and PINS protect sensitive data and it's critical to keep them safe. Try these best practices to stay protected.

1. Do not write them down – Many make the mistake of writing passwords on post-it notes and
leaving them in plain sight. Even if you hide your password, someone could still find it. Similarly, do
not store your login information in a file on your computer, even if you encrypt that file.
2. Do not share passwords – You cannot be sure someone else will keep your credentials safe. At
work, you could be held responsible for anything that happens when someone is logged in as you.
3. Do not save login details in your browser – Some browsers store this information in unsafe
ways, and another person could access your accounts if they get your device.
4. Use a password manager – These tools can securely store and manage your passwords and
generate strong new passwords. Some can also alert you if a password may have been
compromised.
5. Never reuse passwords – Create a unique, strong password for each account or device. This
way, a single hacked account does not endanger other accounts.
6. Create complex, long passwords – Passwords based on dictionary words, pets’ names, or other
personal information can be guessed by attackers.

 

 

 

Read more
Life Planning Advice

TSA PreCheck Scams

By
June Adams
December 20, 2021

TSA PreCheck Scams

 

TSA PreCheck is garnering a lot of interest, from both travelers and scammers alike. In addition to pocketing your renewal/application fee, these scammers take your personal information to sell on the dark web or create false identities that can be used illegally. TSA PreCheck scam emails are quite sophisticated, lacking many of the typical red flags such as misspellings, grammatical errors, and slightly-off-looking versions of TSA logos. We recommend that you continue to check the email address and web address of the sender, as well as how they’re asking for payment.

Always verify that the TSA PreCheck web and email address ends in ‘.gov’ – not ‘.com’, ‘.org’ or anything else. If they don’t, these are not official TSA PreCheck communications and you should not provide personal information or payment information. Additionally, don’t purchase or renew a TSA PreCheck membership by clicking on a link you were sent via an email. Instead, go directly to the TSA or Homeland Security website.

The other major red flag comes when it’s time to pay for your renewal or application fees. While there are multiple ways to make a payment for government services, scammers typically only give you the option of using PayPal. If you get an email and suspect it’s a scam, or end up clicking on a bad link yourself, TSA says to do the following:

  1. Report the fraud to your local Police Department.
  2. File a report with the Federal Trade Commission website.
  3. Contact your credit card company or bank and let them know about any fraudulent charges.

In the event that your credit card information ended up in the wrong hands, you will need to work through your bank or credit card company. TSA specifically states on its website that it “will not issue a reimbursement to applicants who attempt to enroll in TSA pre-check through a fraudulent website.”

Read more

Get Started on Your Financial Life Plan Today