As the saying goes, there are only two certainties in life: death and taxes. Cybercriminals know this too and will take advantage during tax season with elaborate scams and phishing attempts. Tax authorities are, after all, one of the few institutions that have a legitimate reason to ask for your personal information; and in the midst of stressful tax preparation, you might not realize you’re being scammed.
Anti-phishing training is the only way your employees will know what to look out for when it comes to phishing scams. Can you afford not to have your employees trained on how to be your strongest line of defense against cyberattacks? Anti-phishing training and phishing simulation are critical pieces of their preparedness. Here, we highlight what employees should know when it comes to tax season scams and how anti-phishing training can help.
Tax season phishing
Tax season phishing impersonates your local tax authorities through “official” emails. These emails will generally ask you to send personal information or click a malicious. Those who follow the link will be taken to a website that looks like the legitimate one and either asked to sign in (that’s how they’ll get your credentials) or download software (that’s how you become infected with malware).
Tax season vishing
Tax season vishing is when a scammer calls you, pretending to be from the tax authorities, asking for your private information. They may claim that you’re eligible for a refund, but
they need more information, or that there is a problem with your tax return that they want to fix for you. Never share any information with someone who calls and claims to be from the tax authorities – because the tax authorities will not contact you directly to ask for sensitive information.
Tax season scams
Tax season scammers use the information from their successful phishing and vishing attempts to file fraudulent claims in your name or for elaborate identity theft. If you suspect that you have been targeted or become a victim of tax season phishing, report it to your tax authorities as soon as possible.
How to protect yourself from tax season phishing scams
- Understand that tax authorities will never contact you directly, neither via email nor phone, to ask for personal information.
- Be careful what information you share with third parties via phone and email.
- If using software to help with the return, make sure that it is a legitimate software service as cybercriminals have been known to create fraudulent services that use your information for fraudulent tax claims.
- Double-check all links before you click on them. Cybercriminals often create URLs and web pages that are almost identical to the official ones.
- If you’re unsure if an email is legitimate, go to your browser and type in the correct URL for your local tax authority’s website. Then, log in from there instead of clicking the link in the email.
- If you suspect that you have been targeted or become a victim of tax season phishing, report it to your tax authorities as soon as possible.
How anti-phishing training can help
Global Learning Systems is a premier provider of anti-phishing training and phishing simulation for employees. Our anti-phishing training provides a comprehensive dive into the latest phishing tactics and hacker strategies. This courseware is perfect for any organization, large or small, that needs in-depth anti-phishing training and/or seeks to strengthen and enhance their company’s overall security and risk mitigation posture.
As a leader in behavior change for over 30 years, we tailor programs to meet each of our customer’s needs. Our engaging and memorable training content targets areas of vulnerability to create a security-minded and compliance-oriented workforce.
Contact us today to learn more about how you can minimize the threats to your organization.