The holidays are over and tax season is on the horizon. For many it’s a season of paperwork and stress. For scammers, it’s a season ripe with opportunity.
The IRS is warning consumers to be on the lookout for email phishing scams related to next year’s tax filing. Cyberthieves create emails with just enough detail to appear trustworthy. Common strategies include asking for wire transfers of money or employees’ W-2 forms, attaching important documents that must be downloaded and signed, warnings that consumers need to update their financial information, or needing personal verification to receive a tax refund. Their goal is to steal any money or personal information they can like social security numbers, passwords, credit cards, etcetera.
In 2017 several hundred thousand employees had their personal information stolen by phishing scams. With the rise of ransomware and malware attacks, there is little doubt that phishing scams will be on the rise this year as well. There is software that can detect malignant emails, but employees are often the first and best line of defense against scams.
A phishing email may look something like this:
Image from https://www.irs.gov/privacy-disclosure/report-phishing
The IRS never initiates contact with taxpayers by email, social media or phone. If you receive an email like this, do not click on any links or files. Do not reply. Forward the email as is to firstname.lastname@example.org (forward the email itself, not scanned images of it. Scanned images remove important information). Then delete the original email. If you get a suspicious phishing email from what looks like your employer, a family member or another organization, forward it as is to email@example.com.
Stay skeptical. Never open emails from unknown sources – and be extremely cautious about clicking any links or downloading attachments in such emails. And though it may go without saying, never provide personal information by email, even if you trust the source. Diversify your passwords so if cyberthieves do manage to steal one of your passwords, your other accounts can be protected.
Building up IT security against malicious cyberattacks can improve you and your business’s chances of avoiding a phishing scam or malware attack. Hoola Tech provides 24/7 system monitoring that will detect any suspicious activity on your network. And thanks to our backup protocols, if your network is harmed by malware we will be able to recover most if not all of your business.
Stay alert and educated on the most recent scams. If you have any questions about how to protect your business from cyberthreats, contact us at Hoola Tech.