Non-profits are being targeted by scammers:
The IRS renewed and expanded their alert regarding protecting employees' confidential data.
- Your awareness and willingness to question data requests may be the best tactic to prevent theft of confidential data.
- The IRS reports that scammers leverage otherwise legitimate-appearing email or phone requests to secure employees' social security numbers and related payroll, financial, or personal information.
- Because church workers, volunteers, and third-party accounting services understandably are inclined to be prompt and helpful in responding to manager requests, mistakes can and do happen to expose private information.
- Never email personal protected information via unsecure means.
Question: What first step may I take when I receive a request for payroll or protected information?
Answer: Reach out to the inquirer via separate means, in order to confirm their request.
Example: You receive an email that appears to be from the Board President. They are requesting that you send payroll information to them, often quickly. Do not reply to the email thread. Instead, initiate a new email or pick up the phone and call the Board President.
Remember: Taking the time to confirm the authenticity of the request, and keeping protected information confidential, is in everyone's best interest.