Software developer Intuit recently released a letter to TurboTax users warning them that they may have been victims of a cybercrime attack. At least one account was found to have been breached possibly using credential stuffing methods that leveraged leaked username and password combinations. Intuit alerted their users that the unauthorized access may have allowed the malicious actors to obtain past or current tax return information. The developer provided measures for those affected to reactivate their accounts, which were shut down to prevent further access by hackers.
Tax Season is Phishing Season
Tax return season is a favorite period of cybercriminals to launch phishing campaigns for several reasons, but chief among them is the high volume of financial data being exchanged. Potential victims are either sending information out or expecting email notifications or checks in return. Some are rushing to do last minute audits and looking for quick, easy or free ways to download tax preparation applications such as TurboTax.
This makes it easier for hackers to hijack these processes at any one of many stages and gain access to sensitive data. Capitalizing on the fast pace and desperation of the season, cybercriminals wait for their victim’s guard to be let down and then send out a phishing communication disguised as a trusted source. This can take the form of an email from the IRS asking for e-Service account information or from a software provider such as Intuit featuring an update for their application.
Tax Preparation Professionals Targeted Too
Casual users of tax software are not the only potential victims targeted by hackers and tax preparation professionals were a prime objective of cybercriminals in previous tax seasons. Tax preparers can be a lucrative avenue to exploit as they give access to the data of multiple victims through a single channel. Hackers that successfully phish a preparer or preparation agency can siphon the information of their clients at their leisure.
As many of these professionals use their own versions of tax software on their work machines, scammers can use the methods outlined previously to break into these databases just as they would a personal one. That means that breaches such as the most recent suffered by TurboTax can generate an eventual windfall of personal data if the right account is hit. In addition to fraudulent tax returns, hackers can leverage this information for increased credential stuffing attacks in the future.
Protect Your Network Against Phishing During Tax Season
Phishing is a human error-reliant method of obtaining tax information that remains one of the most popular cyber scam techniques. Defending against the inevitable phishing attack is a matter of educating and training users to spot the signs of an attempt.
Sign up for our Phishing Defender solution for access to resources and employee training that will give you the tools needed to fight against data breaches.