Last year prominent companies like Seagate and Snapchat felt the devastating impact of W-2 phishing schemes. Now, according to an alert from the IRS issued earlier in the tax season, not only has the tactic spread beyond the corporate world to other sectors, but fraudsters are coupling these efforts with an older scheme on wire transfers. These advanced social-engineering attacks are causing companies to lose employees’ valuable information and thousands of dollars.
According to Sophos’ Senior Security Advisor Chet Wisniewski, businesses should consider the following tips to avoid tax scams as we approach the final month of tax season:
- The IRS will never contact you for personal information or about tax related matters via email. Any information or questions should be directed to the IRS website, or the toll-free numbers found on your tax forms.
- If you work in the Human Resources or Finance department of your company, you should be on the lookout for a new variety of scam targeting employees. Scammers are asking for you to supply information related to income reporting form W-2 that employers provide to employees around this time of year.
- Sophos often sees claims of free tax processing via e-file which are designed to gather your social security number. Stick with well-known services and never respond to email solicitations.
- Beware of documents containing macros. Sophos has seen an increase in use of topical things like filing taxes being used to infect victims with ransomware through booby-trapped Word and PDF documents.
- Prepare by implementing simulated phishing attacks, to expose high risk individuals within your company, and more importantly, provide them training before they’re faced with a real phishing attack.
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
A worrying trend for Australians The Latitude Financial attack clearly…
It is not unusual for companies to keep hold of…
“First of all, it should be praised that Ferrari have…
These findings aren’t very surprising given that unpatched zero-days provide…
These figures from Mandiant highlight how attackers are continuing to…