Tax Accountants advise how to avoid cyber scams during tax season
Tax Accountants look forward to tax season. Now, however, cybersecurity specialists have seen a surge in the number of impersonation attacks focused on stealing personal information through email, texts, phishing, vishing (voice phishing), and even text.
These attackers in the US tend to exploit tax season and Tax Accountants, in particular, to send out ransomware and other malware.
To be more specific the phishing attacks impersonate Tax Accountants or the IRS to steal personal information.
As a matter of fact, more than 60,000 phishing websites were reported in March.
Unfortunately, now that filing for taxes has become an online process, taxpayers have grown accustomed to sending sensitive financial information through email or on IRS web pages.
Cyberattackers use this to their advantage by making fake IRS pages so the victim is tricked into filling out personal information.
Proofpoint, a cyber-security company, discovered a phishing scam that took users to a fake IRS website. The website asked for login information and hackers would steal user credentials once a form was out.
Why is this information valuable?
Hackers can use tax data for any number of things. Consider all the information available on a tax sheet. Tax data contains Tax ID numbers, employee records, bank information, and gross earnings.
This type of personal information can be used to get access to business accounts, banking information and steal someone’s identity.
Remote Access Makes Users more Vulnerable
Along with phishing scams, like the ones discussed above, hackers can use man-in-the-middle attacks to intercept data or latch on to your network while you’re filling out information.
The IRS warns Tax Accountants to be on alert for suspicious activity. It’s important to keep in mind that the IRS does not contact taxpayers through email, social media, or text messaging to request or discuss any financial information.
If you receive an email claiming to come from the IRS and asking for the personal information you should not reply. The IRS website itself advises to not open any attachments or click on any links. They also recommend you send the email as-is to phishing@irs.gov.
Cybercriminals are targeting Tax Accountants as well. Hackers deploy phishing emails claiming to come from clients. Some of these attackers might use stolen taxpayer information to file fake tax returns or infect the computer of the Tax Accountants.
How can you avoid these scams?
The easiest way to avoid tax scams is to know about them. Thieves and cybercriminals are constantly creating new phishing scams to fool people. It’s a game of cat and mouse essentially. Keep up with the latest scams and how they’re being used.
Often, scammers will take advantage of current events to manipulate victims into clicking on a malicious link. A recent example of this was in early 2020 when victims received emails regarding the coronavirus vaccine or the various stimulus checks sent out by the government. Scammers sent out emails with links that supposedly led to official government sites.
Make sure you hover over the link of a website before you click on it. Sometimes you catch a malicious link just by seeing where it leads. Does it take you to the address in the URL or does it direct you to a different website?
Always verify the security of the site requesting information
So long as you are on a secure website that has “https” at the beginning of the URL then the website is protected. Otherwise, even if the website is not controlled or designed by a hacker it can be accessed easily.
Update your browser regularly
Programmers release security patches for big or popular websites due to security loopholes phishers and hackers leverage and exploit. Don’t ignore updating your browser. These strengthen the website and programs you use.
As you can see these IT solutions are not difficult to execute but easy to neglect. Keep in mind that there is no definitive solution to preventing phishing attacks. It is an ongoing battle but if you stay vigilant and take precautions, you’ll avoid falling for these cyber traps.
Work With An MSP
Users and businesses are working remotely now. Although there are those out there with VPN’s or Managed IT services to protect themselves against certain threats, there are also those who have few or no security protocols on their home network.
There are cloud accounting services specifically tailored towards CPA firms. Although cloud accounting is just as vulnerable to cyberattacks as in-house IT, a service provider that follows regulatory compliance stands a better chance at protecting Accountants against attacks.
MSP’s also offer IT consulting services to ensure the digital tools and cybersecurity protocols are used effectively.
In Conclusion
Cyber-attacks grow more sophisticated every day. To combat cyber-attacks effectively, everyone has to do their part to ensure they have good digital hygiene. It’s better for a hacker to underestimate a target than for a target to underestimate a hacker. Using best practices when browsing the web, ensuring credentials are secure, and staying informed are key to fending off cyber threats during tax season.
Article by Felipe Castilla at nerdssupport.co
Leave a Comment