If you haven’t received a fake IRS PTIN email yet, chances are that you will soon. These phishing emails look like they are from the IRS, and they can include links to update your IRS personal information or even malware attachments. These emails are designed to provide phishers with access to your computer or your client files. We have already heard reports of tax accounting professionals’ email accounts being compromised.

Here are a couple of best practices that you can use to protect your sensitive data.

#1 Never send confidential documents through email. Use a secure portal that needs a login and encrypts stored files.

#2 Use complex passwords. Use longer passwords that have 8 characters or more and that include capital letters, numbers and symbols to make your password more complex and harder to break.

#3 Add malware and antivirus software to your network / workstation.

#4 Do not open emails from unknown or suspicious sources.

Here are some samples of current phishing emails that claim to be from the IRS. If you receive one, delete it immediately. You can report these phishing emails to phishing@irs.gov.

The IRS has also put together a special section on their website called “Taxes. Security. Together.” We all have a role to play in protecting your data.