IRS Tax Tip 2019-120, September 3, 2019
Tax professionals should remember to educate everyone who works for them to be on the lookout for phishing emails. Sending scam emails is still the most common tactic used by cybercriminals to steal sensitive data.
More than 90 percent of all data thefts start with a phishing email. Cybercriminals use phishing emails and malware to gain control of computer systems or to steal usernames and passwords. It’s important tax pros and every single one of their employees know how to spot these scams. Tax professionals and others in the business world are only as safe as their least educated employee.
Here are some tactics thieves use to steal data:
Spear phishing
- Spear phishing is a type of phishing scam. The objective of a spear phishing email is to pose as a trusted source and “bait” the recipient into opening an embedded link or an attachment. The email may make an urgent plea to the tax pro to update an account immediately. A link may seem to go to another trusted website, but it’s actually a website controlled by the thief.
Keylogging
- An attachment may contain malicious software called keylogging. This software secretly infects a computer and provides the thief with the ability to see every keystroke. Thieves can then steal passwords to various accounts. The thief can even take remote control of computers, enabling them to steal taxpayer data.
Pretending to be a client
- A common spear phishing scam is when the thief poses as a prospective client and sends an unsolicited email to a tax professional. After an exchange of emails, the thief sends a follow-up email with an attachment. The thief claims it contains the tax information needed to prepare a return. Instead, it contains spyware that allows thieves to track each keystroke.
Sending links
- Thieves pose as tax software providers or data storage providers with emails containing links. These links go to web pages that mirror real sites. The thieves’ goal is to trick tax professionals into entering their usernames and passwords into these fake sites, which the crooks then steal.
Ransomware
- Another trick used by thieves is ransomware. In this scam, the thief doesn’t steal the data, they encrypt it. Once they encrypt the data, thieves demand a ransom in return for the code to unencrypt the data. The FBI warns users not to pay the ransom because thieves often don’t provide the code.