Is Safesend safe or a scam?

My accountant has adopted a system called Safesend for electronically exchanging documents.  A quick web search will show that this is marketed to, and widely used by, CPA firms.  It claims to be secure.  The way it works (to download; I’m not sure what the upload process is) is the firm sends you an email with a link.  When you click on the link, the system emails you a 6 digit code and a screen comes up waiting for you to enter the code. When you enter the code the document appears.  We all know that email is not secure.  With both the link and the code being emailed in the clear, this seems completely insecure to me.  Plus, with only a 6-digit code instead of a long password, even if a hacker doesn’t get the second email, I would think they can easily crack a 6 digit code.  I would appreciate any thoughts about how secure/insecure this system is.  If it’s as bad as I think it is, any way to get some media or other attention on this, given how widely used it is?  Thanks.

 

Hello and welcome to BC:

 

You are justified in asking questions, as there are so many scams out there.

I have no experience with this particular application, but it appears to be both legit and safe.

https://safesend.com/solutions/safesend-returns/

 

It is one of many such applications and platforms used by accountants these days.

 

If you are not comfortable with it, I suggest contacting your accountant to discuss it and perhaps to see if they offer alternatives for documents transfer.

Nothing is 100% guaranteed safe, and that includes Postal Mail, hand delivery of documents, etc.

It is all a bit nerve-wracking, for sure, especially these days.

 

 

HTH

Always call your accountant if you suspect spam if you are sent a form.

Replying to Moxie Momma:  I appreciate your response, but it's not surprising that the company itself says it's secure.  But this is "security" protocol that is unique.  Everything from my power company to my water bill will send me an email alerting me that I have a bill, but they will still require me to log in to a portal to see the actual bill.  Same with a message from my doctor's office telling me my test results are in.  I feel like my tax information, which includes my social security number, address, phone number, email address and income information should be at least as secure as my water bill if not my HIPAA protected information.

Replying to Moxie Momma:  I appreciate your response, but it's not surprising that the company itself says it's secure.  But this is "security" protocol that is unique.  Everything from my power company to my water bill will send me an email alerting me that I have a bill, but they will still require me to log in to a portal to see the actual bill.  Same with a message from my doctor's office telling me my test results are in.  I feel like my tax information, which includes my social security number, address, phone number, email address and income information should be at least as secure as my water bill if not my HIPAA protected information.

 

 

As I stated above call your CPA to verify that they have sent you a document to sign or to review.  DocuSign is a similar service in which youll be sent a link to use to sign a document.

Hi:

To clarify, I have no personal experience with it and I'm not in any way endorsing the program.
All financial firms & major enterprises with which I have personal experience use some sort of secure document sharing/signing application these days.
They would be remiss and sloppy if they didn't.

I'm not sure anyone here or at any public forum can provide the level of reassurance you seek.

And if you re-read my original post, I, too, advised you to contact your accountant if you're not comfortable using the SafeSend portal. :-)

Or find another accoutant?

Respectfully submitted

Edited for typo correction

Edited by MoxieMomma, 18 January 2024 - 11:17 PM.