March 24, 2020
by Christina Belfiglio
Office Operations and Management
Scammers wasted no time in exploiting the Covid-19 virus for their benefit. They have created scams seeming to come from the CDC and from employers; and they hid viruses in what appear to be links to official Covid-19 data.
SCAMS to watch out for:
- Covid-19 Home Tests – you cannot purchase test kits to use from home. Any sites, calls, or door-to-door sales that claim this is a scam. Don’t be fooled if they say they are from the Red Cross, it’s a scam.
- Phishing Emails or texts are messages containing attachments or links which, once launched download malicious software (malware). The malware could allow cybercriminals to take control of your device, record keystrokes, and/or access your personal information. Go to the source itself instead of clicking links in emails or on social media. Known scams include messages claiming to be from:
- The World Health Organization (WHO) or from Dr. Tedros Adhanom Ghebreyesus, Director-General of WHO. The actual link to WHO is https://www.who.int/
- The U.S. Centers for Disease Control (CDC). The actual link to the CDC is: https://www.cdc.gov/
- Employers – Emails may appear to come from an employer and contain a link to a policy.
- Messages threatening to infect you or your family with the Coronavirus. These messages may reveal a password you once used which was found in a data dump from a recent breach. The message may demand funds in the form of bitcoin or gift cards.
- Financial Relief – This email campaign promises to send a check, possibly as part of the government stimulus package. They request your personal and bank account information as well as your social security number. The government already has some, if not all, of this information. The government will not email you regarding a stimulus check.
- Fake Charities – with any disaster or major health event scammers use those instances to take advantage of your generosity. Research the charity and go directly to the organization’s website instead of donating via links. Requests for donations via cash, gift card, or wiring money are scams. It’s best to pay by credit card so you can dispute the charge if you find out it is not legitimate. For more tips on donating responsibly and research charities review information on the Federal Trade Commission website: https://www.consumer.ftc.gov/features/how-donate-wisely-and-avoid-charity-scams#researchhttps://www.consumer.ftc.gov/features/how-donate-wisely-and-avoid-charity-scams
- Robocalls – recorded calls that may range from virus treatments to work-at-home schemes. Do not push any buttons as this may lead to more robocalls. Hang up and if possible, block the number from your phone.
Tips for recognizing and avoiding phishing emails
Here are some ways to recognize and avoid coronavirus-themed phishing emails.
Like other types of phishing emails, the email messages usually try to lure you into clicking on a link or providing personal information that can be used to commit fraud or identity theft. Here’s some tips to avoid getting tricked.
- Beware of online requests for personal information. A coronavirus-themed email that seeks personal information like your Social Security number or login information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data.
- Check the email address or link. You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. But keep in mind phishers can create links that closely resemble legitimate addresses. Delete the email.
- Watch for spelling and grammatical mistakes. If an email includes spelling, punctuation, and grammar errors, it’s likely a sign you’ve received a phishing email. Delete it.
- Look for generic greetings. Phishing emails are unlikely to use your name. Greetings like “Dear sir or madam” signal an email is not legitimate.
- Avoid emails that insist you act now. Phishing emails often try to create a sense of urgency or demand immediate action. The goal is to get you to click on a link and provide personal information — right now. Instead, delete the message.
Tips for Staying Protected
- Report suspected scam to the Federal Trade Commission at ftc.gov/complaint.
- Update the software, virus and malware protection on all of your devices.
- Always Question the source and validity of the information you receive. Go directly to the source instead of clicking links or opening attachments.
- Check with your IT department at work to verify if a message is a scam or legitimate. If you receive something that appears to come from someone in your company send them a separate message or call them to verify the validity.
A LETTER FROM YOUR FORTIS FAMILY OFFICE TAX TEAM:
The tax filing deadline for returns normally due April 15th, has been extended until July 15th. Earlier in the week, the Internal Revenue Service extended the federal income tax payment deadline for most individuals and corporate taxpayers. Today, Treasury Secretary Steven Mnuchin shared this news via Twitter “We are moving Tax Day from April 15 to July 15. All taxpayers and businesses will have this additional time to file and make payment without penalties and interest.“
We are still awaiting official guidance from the IRS and from the majority of the States. We are continually monitoring this situation and will report accordingly.
Fortis Wealth LP is continuing our operations with a remote workforce. We encourage you to send us your tax documents as soon as possible (preferably in electronic format) so that we can continue providing the service that you have come to expect.
As always, we encourage you to reach out to us with any questions or concerns.
Director of Tax
FROM YOUR FORTIS FAMILY OFFICE TAX TEAM
Treasury Secretary Steven Mnuchin announced yesterday that the IRS will postpone the April 15th tax payment deadline for most individual and corporate taxpayers. Payments can be deferred for up to three months and taxpayers will not be subject to interest and penalties.
Individual taxpayers can defer up to $1 million of tax liability and corporations get an extension on up to $10 million of liability.
The Individual tax filing deadline of April 15th remains in effect and we encourage you to send us your 2019 tax documents as soon as possible.
The federal government is encouraging those taxpayers with refunds to file as soon as possible to help stimulate the economy.
We are closely monitoring the details of this relief as well as other relief associated with the coronavirus. We will keep you informed as more details become available.
Fortis Wealth is fully operational and our client-focused operations continue as normal.
As always, we encourage you to reach out to us with any questions or concerns.
Director of Tax
Maggie Corado & Terri McDermott have been contributing to Women to Watch as the “Finance Watch” team, bringing listeners a brief segment on financial education during each show for the past year.
Women to Watch is a Premier Global Media Platform for Women Leaders. Initially created as a weekly radio show, Women to Watch™ developed into digital, print, social media, events and video production programs that tell “the real story behind the titles” of some of the most accomplished women in history.
We will be posting each week’s “Finance Watch” segment here, in case you missed the show!
Go to http://women2watch.net, to listen live, or browse content!
January 28 is Data Privacy Day. Millions of people are unaware of and uninformed about how their personal information is being used, collected or shared in our digital society.
Data Privacy Day is an international effort to inspire dialogue, and to empower individuals and businesses to respect privacy, safeguard data and enable trust. It began in 2008 in the US and Canada and commemorates the signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.
Most of know someone who has had their identity stolen and how much time and money were involved in resolving the problems it caused. But are you aware that many online sites share your information with other sites, retailers, and more? Have you noticed how many targeted ads you received after visiting certain sites? Your information has been shared by another site.
At Fortis, we are constantly on alert for signals that our clients are being targeted for financial scams. We follow strict procedures to make sure that suspicious emails or phone calls regarding requests for funds, transfers, and other account transactions or changes are genuine. The scammers already have some bit of information that may have been obtained without the client’s permission – a Social Security Number or account number, for example. Do you know what policies your financial service providers and advisors have in place to protect your personal information? Do you do your part by following these tips?
Start by updating your privacy settings on individual sites by going to staysafeonline.org, which is sponsored by the National Cyber Security Alliance.
Other basic tips include keeping your software on all your devices up to date, using strong and unique passwords and double authentication, avoiding public wi-fi, and backing up your data and keeping it in a safe place.
We have discussed the importance of cybersecurity in the past, but we cannot emphasize enough how vigilant you need to be. We highly encourage you to take the few minutes needed to protect your personal and financial information, not only on January 28, but every day.
November 27, 2019
From Jennifer Fields CPA
Fortis Family Office Tax Team
Making the Most of Giving Tuesday
Giving Tuesday was created to encourage charitable donations and giving. Started in 2012, Giving Tuesday takes place on the Tuesday after Thanksgiving to kick off the holiday and end-of-year giving season. This year it falls on December 3.
Charitable giving may be tax deductible for individuals and businesses, another benefit to giving back to the community. Here is some helpful information about making charitable donations, whether you’re donating on Giving Tuesday or at any other time of the year.
First, Make sure it’s an IRS-qualified charitable organization. Qualifying charitable organizations are nonprofit, generally with a 501(c)(3) filing status. These include religious, charitable, educational, literary, or scientific purpose groups or groups dedicated to the prevention of cruelty to animals or children, and others. If you’re unsure if your charity is a qualified nonprofit, check the database on the IRS website.
Make sure to get a receipt or other written record for cash, checks, or other monetary gifts. For monetary contributions over $250, you need this record and information about anything you received in exchange for the contribution.
Don’t forget that donations other than cash can also be tax-deductible. These include vehicles, property, stock, clothing, and household items. The amount you can deduct is determined by their fair market value. If you are donating your time, you can deduct any out-of-pocket expenses you incur as you’re volunteering. For businesses, event sponsorships and inventory or service donations count too.
There are limits to the amount that qualify for a charitable tax deduction, depending on the type of charity. With some you can give 60 percent or less of your adjusted gross income. There may be a limit to how much you can donate if your income is more than a certain amount. To see the specific limitations to tax-deductible contributions, see IRS Publication 526.
Finally, remember to claim the deduction on your taxes. In order to deduct a charitable donation, you must file Form 1040 and itemize your contributions on Schedule A of Form 1040. For donations of items valued at more than $500, taxpayers must complete section B of tax form 8283 and may need to have the items appraised by a qualified appraiser to determine their value.
For more information on how to correctly deduct charitable contributions, see IRS Publication 526.
Your Estate Plan and your Digital Assets
by Terri McDermott
Many of us have elected to receive to receive electronic statements, set up auto payments or online bill payment. What happens with these accounts when you die or become incapacitated? Without physical evidence of your bills or statements for your accounts, how will your executor, trustee or family members be able to manage your bills or finances when the time comes? How will they know about bills due or money owed if they are unable to access your email or online accounts?
Facebook, LinkedIn, Twitter and Instagram and other social media sites are increasingly used by all of us. These providers have our online profiles with personal information, pictures and contacts. How are these accounts or digital assets handled upon your death or incapacity?
Cryptocurrency ownership adds another layer of complication and is not addressed in this article.
Your estate plan should be designed to make the administration process as easy as possible for your loved ones. This includes making it convenient to manage your assets upon your incapacity or death and avoiding the need to sort through your paperwork to collect assets and pay your bills. Without specific provisions in your estate plan and careful planning, access to this critical information can become difficult for your family or loved ones.
Why not keep a list account credentials, “just in case”? Even if your fiduciary or designated person(s) has the information to access to the accounts doesn’t necessarily mean that they have the legal authority to do so, especially when a website’s Terms of Service do not permit a transfer of ownership. In fact, heirs could potentially be found guilty of “hacking” by trying to access a loved one’s online accounts after he/she is gone.
Federal law regulating access to digital property does not yet exist. To address the situation, the Uniform Law Commission created the Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA) in 2015, which received widespread support and in just a few years has been adopted by more than 40 states.
RUFADAA provides instructions for how a person’s digital assets are to be treated should a designated representative seek access. This may include not only executors after death, but trustees, court-appointed guardians, and attorneys-in-fact. The starting point is that online service providers can create an “online tool” that functions as a form of “digital power of attorney” to specify who has control and access for that specific site. RUFADAA helps to provide a clear legal framework for digital asset rights to be specified in traditional legal documents (e.g., Wills and powers of attorney). It clarifies that it’s only in the absence of an online tool, or any legal documents, that finally the service provider’s own Terms of Service will control.
In today’s digital world, most of our financial transactions and communications occur online. Digital photographs, websites and Internet profiles are now the norm for many of us. You can do almost anything online, and many people choose to do so. These accounts have limited access with protected passwords, which can create problems when the account holder dies because no one has access to their passwords. Planning now can save a lot of heartache later.
If you live in a state that is not covered by any protective laws, those accounts or assets are governed by the terms of the service agreement when the account was opened. Under these agreements, family members would need confidential identification information and passwords. Consider the following steps:
1. Inventory Your Accounts
Document an inventory of the accounts including login IDs and passwords. That information should be maintained in a secure location.
2. Create an Online Vault
This would be a place to keep passwords, identification or logins and other sensitive information. Available options include Keeper, Last Pass, and others. Your representative should have access to the vault password.
3. Establish a Detailed Digital Asset Plan
This plan would have a clear, specific statement of intent about who would gain access to what information. This statement of intent should address all accounts, past, present and future.
4. Carefully Select Your Trustee, Executor or Representative
When making your decision, consider the private and confidential information that will be accessible. Oftentimes, the information embedded in the digital assets is highly personal and confidential.
The popularity of digital assets is a part of our lives and they probably won’t go away. For your family, heirs, and designated representatives, please take the proper estate planning precautions.
Best Practices for Device Applications
by Dan Donnelly
Recently, there was a new, at least for me, phishing attempt through my cell phone. It started like it has hundreds of times before for most of us with someone from an unidentified number trying to call me. However, this “person” didn’t leave a voice mail or hang up, but instead proceeded to leave a text. The text said something about selling your property and cited a specific address, but the person being addressed in the text wasn’t me. My cybersecurity instincts kicked in and I deleted the text and blocked the caller. Even if the caller’s intent wasn’t malicious, it’s better to be vigilant than to have a security breach that could be difficult to fix.
According to Statista, mobile phone users have surpassed the 5 billion mark. Cybercriminals are constantly on the lookout for mobile users who are vulnerable to hacking attacks. There is a certain dichotomy in our mobile devices in that they make our lives easier and can make us more productive while there is always a looming threat of a crippling cyberattack that can alter our lives. Fortunately, there are steps that can be taken to help mitigate the threat.
Here are 10 best practices for mobile security.
1. User Authentication
Restricting access to the device by requiring user authentication. Most mobile devices can be locked with a screen lock, password or personal identification number (PIN), but these measures are typically turned off by default.(more…)
We came across this great article from Wired, which always has some really good information on Cyber-security and staying safe on the internet. Public Wifi is something we get a lot of questions about – how do we make sure our Personally Identifiable Information (PII) is secure on public wifi? Read below to make sure you’re protected…
Simple Steps to Protect Yourself on Public Wi-Fi(more…)
Is your Small Business Safe from Cybercrime?
by Terri McDermott
The Internet allows businesses of all sizes and from any location to reach new and larger markets and provides opportunities to work more efficiently by using computer-based tools. Whether you are thinking of adopting cloud computing or just using email and maintaining a website for your business, cybersecurity should be a part of the plan. Theft of digital information has become the most commonly reported fraud, surpassing physical theft. Every business that uses the Internet is responsible for creating a culture of security that will enhance business and consumer confidence.
The Federal Communications Commission (FCC) has released an updated Cybersecurity Tip Sheet. Here are some of those tips:
1. Train employees in security principles
Establish basic security practices and policies for employees, such as requiring strong passwords, and establish appropriate Internet use guidelines that detail penalties for violating company cybersecurity policies. Establish rules of behavior describing how to handle and protect customer information and other vital data.(more…)