Tax Season: Look Out for the IRS' "Dirty Dozen"
Tax season is upon us, and with it come emails from various vendors requesting the use of their services during tax season. This has caused an increase in reports of tax-fraud-related tactics, techniques and procedures (TTPs). A successful TTP means that you are the victim of a cyber-attack. Every year, identity theft, phone scams and phishing scams rate high in the Internal Revenue Service’s (IRS) “Dirty Dozen” list of tax scams.
These attacks can lead to the installation of malware (malicious program code used by cyber attackers), the loss of personally identifiable information (PII), wire transfers to malicious accounts, compromised login information, and spam emails coming from your account or to your account from additional, malicious sources, among others.
Recently Reported Cyber TTP Instances
While hackers have a number of ways to get into your systems, there are a few repeat offenders trying to take advantage of the tax season.
- Phishing Emails – This comes in the form of an email looking for access to employees’ W-2 information. The scam appears realistic because it is sent to finance or human resources departments from someone appearing to be a senior executive within the company. The attackers are looking to use the stolen information to file fraudulent tax returns.
- User-targeted Phishing Emails – Have you received emails asking you to verify your W-2 information? Some emails are W-2 themed and direct the user to a login page to access their W-2 information. The link appears to lead to a legitimate page, but in reality the page is compromised and the attacker is capturing the user’s login and password information and W-2 details. These emails often reference a “paperless W-2 system” or “going paperless this tax season”.
How to Prepare:
The best way to avoid falling victim to an attack is to be prepared ahead of time. Here are four tips to ensure you’re prepared this tax season:
- Have overall IT policies and procedures documented and implemented. Follow up with a written incident plan in the event of an attack. Educate and train your employees on these policies and procedures, and on the common scams that exist, so that everyone knows what to do should one occur. You can get more information on W-2 phishing schemes targeting Payroll and HR employees, as well as schemes targeting Schools, Restaurants & Hospitals, on the IRS website.
- Always verify the identity and authority of the request before providing information, especially if something seems off. Picking up the phone and calling the person is always a safe step.
- Make your systems less “vulnerable” by keeping them up to date with the software patches released by the respective vendors. This is as simple as turning on “auto updates” for your computer’s operating system and implementing filters at your email gateway and firewall to filter out emails with known phishing-attempt indicators. Also ascertain that your antivirus software updates are automatically scheduled.
- Report suspicious tax-related emails to the IRS by visiting this website.
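The gateway filtering mentioned in the third tip, sketched as an added example (not code from the original article): it checks a message for the two lures described above, the executive-impersonation W-2 request and the “paperless W-2” login link. The organisation domain, the executive name list, the indicator names and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed values for this sketch; replace with your organisation's own.
ORG_DOMAINS = {"example.com"}
EXECUTIVES = {"pat rivera"}  # display names of senior executives
W2_THEME = re.compile(r"\bW-?2s?\b", re.I)
PAPERLESS = re.compile(r"paperless W-?2|going paperless", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def domain(addr):
    return addr.rpartition("@")[2].lower()
def is_external(host):
    return not any(host == d or host.endswith("." + d) for d in ORG_DOMAINS)

def w2_phish_indicators(raw):
    """Return the W-2 phishing indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    body = "" if msg.is_multipart() else msg.get_payload()  # plain text only
    text = f"{msg.get('Subject', '')}\n{body}"
    if not W2_THEME.search(text):
        return []  # not W-2 themed: out of scope for this filter
    hits = ["w2_theme"]
    if PAPERLESS.search(text):
        hits.append("paperless_lure")
    if name.strip().lower() in EXECUTIVES and is_external(domain(addr)):
        hits.append("executive_name_external_sender")
    if reply_to and domain(reply_to) != domain(addr):
        hits.append("reply_to_mismatch")
    hosts = [(urlparse(u).hostname or "").lower() for u in URL.findall(body)]
    if any(is_external(h) for h in hosts):
        hits.append("external_login_link")
    return hits

def should_quarantine(raw):
    # A W-2 theme alone is normal in tax season; require a second indicator.
    return len(w2_phish_indicators(raw)) >= 2

# Constructed sample messages (not real traffic).
CEO_SPOOF = ('From: "Pat Rivera" <pat.rivera@example.net>\nReply-To: ceo@freemail.test\n'
             "Subject: Urgent: W-2 copies\n\nPlease send me all employee W-2 forms.\n")
PAPERLESS_LURE = ("From: HR Portal <noreply@w2-portal.test>\nSubject: Going paperless\n\n"
                  "View your W2 at https://login.w2-portal.test/signin\n")
LEGIT = ("From: Payroll <payroll@example.com>\nSubject: Your W-2 is ready\n\n"
         "Log in at https://hr.example.com/w2 to download it.\n")
```

Requiring a second indicator keeps ordinary payroll notices, such as the `LEGIT` sample, out of quarantine while both lures are held for review.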
Don’t fall prey this tax season to the tax fraud tactics, techniques and procedures that are out there. You can improve your defenses by following the tips above.
WithumSmith+Brown Cyber and Information Security Services team focuses on the entire cybercrime problem and is well equipped to provide a variety of cybersecurity services through its team of experienced professionals. Withum can assist through the full cyber secure ecosystem, from identifying, protecting and detecting against cyber-attacks to responding and recovering in the event that one is in place or has happened.
Need More Information
If you have any questions about this update or would like to further discuss your cybersecurity plan, please contact a member of Withum’s Cyber Secure Services Group or email our experts Joe Riccie, Partner, email@example.com, Anurag Sharma, Principal, firstname.lastname@example.org or Anupam Goradia, Senior Manager, email@example.com.