Skip to main content

Be on Alert for Phishing Scams during Tax Season!

March 08, 2017

Once again tax season is upon us, and with it brings increased phishing attempts targeted at obtaining tax information from both for-profit and non-profit organizations. The attackers target personnel who handle employee tax information— HR, finance, accounting and payroll — by posing as high level executives requesting sensitive information belonging to employees such as W-2 forms, earnings statements, salary information, social security numbers and home mailing addresses. Once the attackers have this information, they can file fraudulent tax returns to obtain phony tax refunds. 

Tax Season Alert

These attempts might be very obvious or they may be sophisticated. Here are a few helpful hints to help you identify these phishing attempts:

  • Verify the identity of the sender: Is the sender email address correct? A simple call to the sender can quickly resolve any suspicions.
  • Confirm the legitimacy of the request: Is the person authorized and need to have access to the data they are requesting?
  • Analyze the tone and language of the email: Does it match the past correspondence from the sender?

If you receive an email asking for you to send sensitive information, always question the legitimacy and take action to confirm the request. There are very few scenarios when a request for sensitive information would be made in email. If you are not comfortable confirming the request, you can always send a request to your finance and HR departments to verify the request. 


    Ping Look

By: Ping Look

Executive Advisor, Security Communications and Awareness

See More

Related Blogs

November 25, 2014

'Tis the Season for Phishing

It’s that time of year again, the holiday season. A time filled with friends, family, good food, and celebration. But of course it has its downsides a...

See Details

May 20, 2013

Tip of the Spear: Phishing or SpearPhishing?

Ever wonder what the difference between phishing and spearphishing is? What about whaling? As someone in the information security business, I get ask...

See Details

December 13, 2012

Preparing for the Next Spear Phishing Attack

If you need proof that any organization can be hacked, even the most secure ones, just do an Internet search for “spear phishing attacks.” You might b...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

September 16, 2014

Phishing with Smitty: A Unique Tool for Solicitation Attacks

This post will introduce you to the Smitty SMTP utility, which is a fully featured email client. We use this tool as a means to effectively deliver em...

See Details

November 11, 2015

Phishing in Perspective: It Only Takes One

Learn about recent phishing attacks and how you can prevent them.

See Details

November 03, 2015

The Three Es of Modern Email Security for Phishing

Learn about an effective approach to reduce your organization’s attack surface.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.