There’s less than a month to go before this year’s income tax filing deadline, and security experts are warning consumers to be on the lookout for tax-related scams and other attempts to steal their refunds and personal information.

Just a heads up that like last year, this year’s federal income tax deadline is April 18 — three days later than usual — thanks to a weekend and Emancipation Day, which is observed in Washington, DC. But the more you procrastinate, the more likely you are to fall victim to some kind of tax-related cybercrime.

Scammers can capitalize on your last-minute efforts to play catch-up if you don’t take a beat before clicking on a dubious link or handing over personal information. Either action could put you at risk for financial fraud or identity theft.

Tax-season scammers often impersonate the IRS, tax professionals or online filing websites, said David Putnam, head of identity and protection for LifeLock, a provider of consumer identity theft protections.

Phishing emails, texts and even phone calls designed to look like they’re from the IRS, or an IRS agent, are a common sight this time of year. They might threaten jail time or big fines if the targeted person doesn’t pay what the cybercriminals might claim are back or overdue taxes.

Those are all sure signs of a scam, Putnam said.

«The IRS only communicates through snail mail, so if you get a text message claiming to be from the IRS, you’ll know you’re actually being contacted by a scammer,» he said.

The IRS also doesn’t take payments in the forms of cryptocurrency or gift cards, making requests for back taxes in those forms obvious signs of a scam too.

Phishing emails could also carry fake tax forms that look like they’re coming from an employer or a bank, said Ravi Srinivasan, CEO of Votiro, a cybersecurity company that specializes in the secure transfer of data.

Srinivasan said consumers are used to getting lots of these files from lots of different places. They’re not necessarily going to think twice before opening up an attachment that could contain malware instead of a tax form.

«Do they know that it’s clean? Do they know that it’s safe?» he asked. «They don’t. They just hope that it is and the bad actors know that.»

When consumers do file, it’s critical that they make sure they’re using a legitimate tax preparation service, since tax returns are chock full of people’s most sensitive personal information, including their Social Security numbers.

Unsolicited offers to file your taxes for you should be regarded with skepticism, Putnam said. They could be part of a «ghost preparation scam,» where a cybercriminal impersonates a tax professional and promises a large refund that never appears or steals your refund by routing it to another account.

They also could collect your personal information through a website spoofing of a legitimate tax preparation service, then use it to file a false tax return and claim your refund, he said.

«Remember, if you enter any personal information on a spoofed website, scammers will have access to it,» he said.

Here are a few tips from the IRS and others for staying alert.

File early. OK. The ship may have already sort of sailed on this one, but the earlier you file, the less time cybercriminals have to use your identity to commit fraud.

Watch out for phishing and smishing. The IRS won’t send unsolicited emails or texts. Skip the links and attachments and go straight to the IRS or the applicable state and city websites.

Get a PIN. File this tip under things to remember for next year. Taxpayers who can validate their identities with the IRS can obtain an identity protection PIN, a six-digit code that prevents a cybercriminal from filing a fraudulent tax return with your Social Security number.

Fight back against fraud. If you discover someone has filed a tax return in your name, complete a paper return and include form 14039 (Identity Theft Affidavit), Putnam said. Report the fraud to local law enforcement and the Federal Trade Commission. Monitor your credit reports and account statements and contact the three major credit bureaus to ask for a freeze so that no one can request new credit in your name.

Always use good passwords and 2FA. These are both a must for any account related to your tax returns and documents. Make sure you’re using good antivirus software and that it, along with your operating system, is up to date. While you’re at it, back up your tax information to a removable drive or encrypted cloud storage. Paper copies and drives should be securely stored.

Know who you’re dealing with. If you’re self-filing online, make sure you’re using a reputable service. If you hire someone to do it for you, make sure they’re who they say they are. Be especially careful when submitting documents both online and on paper. Any decent tax professional or service will use a secure portal, not ask you to email them unprotected. Paper documents shouldn’t be left on a desk for anyone to find.   

Shred everything. Tax documents that are no longer needed must be properly destroyed. Dumpster diving still happens. Don’t be tempted to toss them in the trash and definitely don’t put them in the recycling.