Tax Season: Look Out for the IRS’ “Dirty Dozen”
These attacks can lead to the installation of malware (malicious program code used by cyber attackers), the loss of personally identifiable information (PII), wire transfers to malicious accounts, compromised login information, and spam emails coming from your account or to your account from additional, malicious sources, among others.
Recently Reported Cyber TTP Instances
While hackers have a number of ways to get into your systems, there are a few repeat offenders, trying to take advantage of the tax season.
- Phishing Emails – This comes in the form of an email looking for access to employee’s W-2 information. This scam appears realistic as it is sent to finance or human resource departments from someone appearing to be a senior executive within the company. The attackers are looking to use the stolen information to file fraudulent tax returns.
- User-targeted Phishing Emails – Have you received emails looking for you to verify your W-2 information? Some emails appear to be W-2 themed and direct the user to a login page to access their W-2 information. The link appears to direct the user to what appears to be a proper page but in reality the page is compromised and the attacker is gaining access to the user’s login and password information and W-2 details. These emails often reference a “paperless W-2 system” or “going paperless this tax season”.
How to Prepare:
The best way to not fall victim of an attack is to be prepared ahead of time. Here are four tips to ensuring you’re prepared this tax season:
- Have an overall IT policies and procedures documentation and implemented. Follow up with a written incident plan in the event of an attack. Educate and train your employees on these policies and procedures, and about common scams that exist, to ensure that everyone knows what to do should they occur. You can get more information on W-2 Phishing schemes targeting Payroll and HR employees as well as schemes targeting Schools, Restaurants & Hospitals on the IRS website.
- Always verify the identity and authority of the request before providing information, especially if something seems off. Picking up the phone and calling the person is always a safe step.
- Make your systems less “vulnerable” by making sure that your systems are up-to-date with software patches released by the respective vendors. This is as simple as turning on “auto updates” for your computers operating system, and implementing filters at your email gateway to filter out emails with known phishing attempt indicators at your firewall. Also acertain that your antivirus software updates are automatically scheduled.
- Report suspicious tax-related emails to the IRS by visiting this website.
Don’t fall prey this tax season to the tax fraud tactics, techniques and procedures that are out there. You can improve your defenses by following the tips above.
WithumSmith+Brown Cyber Secure Services team focuses on the entire cyber crime problem and is well equipped to provide a variety of cybersecurity servicesthrough its team of experienced professionals. Withum can assist through the full cyber secure ecosystem, from identifying, protecting and detecting against cyber-attacks to responding and recovering in the event that one is in place or has happened.
Need More Information
If you have any questions about this update or would like to further discuss your cybersecurity plan, please contact a member of Withum’s Cyber Secure Services Group or email our experts Joe Riccie, Partner, firstname.lastname@example.org, Anurag Sharma, Principal, email@example.com, Sumit Pal, Principal, firstname.lastname@example.org, or Anupam Goradia, Senior Manager, email@example.com.
Ask Our Experts
To ensure compliance with U.S. Treasury rules, unless expressly stated otherwise, any U.S. tax advice contained in this communication is not intended or written to be used, and cannot be used, by the recipient for the purpose of avoiding penalties that may be imposed under the Internal Revenue Code.