Tax season is a favorite time of scammers of all types looking to grab money and personal information from potential victims. The beginning of this period is filled with hackers and other cybercriminals attempting to intercept your credentials. However, the time of expected tax returns are when you really begin seeing creative attempts to extort victims through phishing campaigns.
IRS Phishing Scams
The IRS has in recent years begun to make clear to taxpayers that the agency never initiates contact via digital media channels. This is due to repeated spoof emails appearing every year claiming to represent federal tax collectors. These fake messages may look like legitimate government communications at first glance and often contain a threat of a lost tax return if action is not taken.
Hackers Leverage Your Vulnerabilities
Tax phishing emails rely on the fear of bureaucracy and monetary loss to compel victims to act without reading too deep into the message. Those affected may be more worried of the consequences of not following through on their tax return than they about their immediate data security. Hackers that have picked up any of your personal information can also capitalize on the opportunity with a socially engineered cyber attack.
Tax Preparers Also Get Phished
Besides federal agencies, cyber scammers also have a habit of imitating tax preparers and tax preparation software companies. This includes big names like Intuit TurboTax as well as a slew of links advertising free downloads for off-brand tax applications. Tax preparation professionals themselves are often targeted so that hackers can gain access to client data or file for returns in their name.
Find Out How Vulnerable You Are to Phishing
Phishing is a pervasive form of cyber scamming because even the strongest network defense can let a spoofed email slip through. Identifying a potential fake message requires human input and judgment. If you receive a message from someone seeking your information concerning your or your client’s tax return, look for all the signs that they may not be who they say they are.
Sign up for our Phishing Defender solution for hands-on training that includes testing your employee’s response to simulated phishing attacks.