Google & Yahoo's New DMARC Policy Shows Why Businesses Need Email Authentication... Now
Have you been hearing more about email authentication lately? There is a reason for that. It’s the prevalence of phishing as a major security threat.
4 min read
Totalcare IT : Apr 15, 2022 12:45:28 PM
It’s tax time – again! As we all work hard to ensure our taxes are properly prepared, cybercriminals are using this time to their advantage to claim their own returns through “IRS-related” scams. Hackers know people are in a rush to get their returns and are more likely to fall victim to tax-related scams than any other time of the year.
It’s important for everyone, not just business owners, to stay up to date on the latest scams and best practices to avoid becoming one of the estimated 15 million people that will fall victim to identity theft in the U.S. this year.
Cybercriminals are looking for a quick payday and tax season offers ample opportunities for hackers to intercept the personal data needed to properly file taxes such as social security numbers, EINs if you’re a business owner, addresses, bank account information, and more.
If hackers can get their hands on that data, it can have devastating effects such as waking up to find they’ve drained your bank account, sold your information on the dark web, or even opened credit cards in your name and then maxed them out.
Although tax scams occur year-round, they peak during tax season in United States. Last year, 61% of the tax scams reported to the BBB's Scam Tracker were discovered in the first four months of the year, with identity fraud being the most common type of fraud. More than 650,000 identity theft reports were submitted to the FTC last year.
Let's look at 3 of the most common types of tax scams you may encounter, and how you can avoid becoming a victim this tax season.
Cybercriminals are looking to claim your tax refund for themselves and all they need is your personal information to do it. Once they have information like your social security number, birthdate, and address (which they can likely buy off the dark web if you haven’t been careful), they can file a tax return in your name and collect the refund.
Hackers get this information through different means, but one popular way is sending you fake emails that look like the IRS asking you to update tax filing information so they can process your return quickly.
Once you enter your correct information they will turn around and use it to file your tax return.
This isn’t just a pre-filing scam either! Hackers will also send emails suggesting that you have a larger return than expected waiting, and all they need to send it to you is a copy of your passport and a utility bill or credit card statement with a correct address. Always enter information through the secure portal on the IRS website.
There are a few ways you can tell if this has happened to you:
These events require immediate action! You can report it to IRS using Form 14039. There is more information on how to handle this at www.IRS.gov.
At the end of the day, remember this – do not fill out any forms online from an email. If the IRS needs your information, it can be updated through a secure platform on the official website.
This is the easiest way for hackers to get into your network. Hackers will send emails claiming that your account or tax return is locked or restricted and to release your refund and have it processed, you need to “click the link and follow the instructions.” They also occasionally pose as tax software such as TurboTax! Once you click these links looking for further instructions, hackers have the power to install malware onto your computer.
If that doesn’t work, hackers will test out the attachment method. One popular way they do this is by sending an email saying that your payment has been deducted from your account and they can download the attachment outlining the transaction. When you download the document, it installs malicious software onto your computer.
The IRS will not email you asking you for this information. Do NOT click on any links like this or download any reports. Make sure all email addresses are legit! Hackers are known to change letters in the address to make it look like it’s the official site.
For example, instead of ‘irs.gov’ they might use ‘irs.org’ or switch the ‘i’ for an ‘l’ that looks like a capital ‘i'. They are sneaky so you must be wary.
Hackers know that people are fearful about getting in trouble with the IRS, so they use this to their advantage. If you receive an email saying that you didn’t file correctly and now owe money or that you’ve missed a deadline and owe a penalty and must send a gift card with the owed amount immediately – it is a scam.
The IRS will never ask you to pay using gift cards. If you get a letter like this, report it immediately.
Here are a few tips to keep in mind when dealing with unsolicited communications this year and every year from now on.
If you’re looking for ways to stay safe from cybercriminals, get in touch with our team. We can assist with security systems for your network, spam filtering, and monitoring your network to make sure anything that slips through the cracks is resolved immediately.
Have you been hearing more about email authentication lately? There is a reason for that. It’s the prevalence of phishing as a major security threat.
Have you heard the saying, "A picture is worth a thousand words"? It seems cybercriminals have too, and they're using it to their advantage.
We were reviewing some reports from our customer relationship management platform and the question came up, is Outlook more secure than Gmail? It’s...