Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.
It’s that time of year again…Tax Day. But, making a payment to the IRS isn’t the only thing you need to be worried about. ‘Tis the season for tax day scams.
These phishing attacks can take many different forms. In the US, these attacks will use the deadline (May 17, 2021 – extended from April 15, 2021) to file your income tax returns as bait. In the UK, these attacks will use your potential tax refund as bait.
But we’re here to help.
Here’s what you need to look out for and what to do in case you’re targeted by Tax Day scams.
As is the case with other phishing and spear phishing attacks, bad actors will be impersonating trusted brands and authorities and will be – in some way – motivating you to act.
Want to learn more about impersonation or get a better idea of what the average phishing attack looks like? Check out these articles:
Please note: In this article, we’re exploring Tax Day scams on email. You may also receive phone calls or text messages from bad actors, claiming that you’re being investigated for tax fraud or have an overdue bill. They may also simply request more information from you, like your name and address, or bank account details.
You shouldn’t give any of this information away over the phone. Government organizations will never call you or use recorded messages to demand payment.
Now, let’s take a closer look at how they do both through a series of examples.
You can learn more about CEO impersonation (also called CEO fraud) in this article: What is CEO Fraud?
From the examples above, you can see that cybercriminals will target a range of people with their Tax Day scams. Taxpayers, tax professionals, and businesses are all susceptible and savvy hackers will use different tactics for each.
Here’s what you should look out for.
For more information on payloads, read this article: What is a Malicious Payload and How is it Delivered?
While it’s true that attackers use different tactics and capitalize on different moments in time to trick their targets, individuals and businesses should always follow the same guidelines if they think they’ve received a phishing email.
As a security start-up, we’re committed to helping you stay safe. If you’re looking for more information on Tax Day scams, consult the following government websites.
Looking for more advice about scams? Sign-up to our newsletter below to get articles just like this, straight to your inbox.