Phishing Risks Go Up During Tax Time
April 10, 2019
It’s tax season, so that means it’s also time to lookout for suspicious emails from scam artists trying to take your money or personal information. You should double check any emails that appear to be from government agencies, your credit card company, or even your bank. Scam artists often send emails pretending they are legitimate organizations. They are hoping you believe the email is from an organization you trust and would normally share information with. The scammers’ goal is to trick unsuspecting people to give up personal or financial information.
The senders of these phishing attacks go beyond simply asking a few questions in the hopes that the recipient will share their personal information. They often send out emails with links to malicious websites that can install malware or ransomware on your computer against your will. This software will comb through your files for personal or financial information, or lock your computer until you pay a fee to a nefarious individual to get it removed.
Never click on any links in a suspicious email. Hover your mouse cursor over any links before clicking on them and check the URL preview that appears on the bottom bar of your email program or web browser. Do you recognize that website? You also should never open any email attachments from someone you don’t know because they may contain malware designed to compromise your computer and extract personal information. Be wary of even opening any emails from people you don’t recognize because they may contain embedded content that will be executed and installed on your computer as soon as the email is simply opened.
You must learn to spot these types of phishing attempts to ensure that your money and personal information remains safe. For example, be wary of emails that make grand promises or warn you to respond immediately. If you weren’t expecting an email, be wary of its contents.
During tax season, several of these email phishing attempts may appear to come from the Internal Revenue Service, or IRS. However, the IRS does not send emails, text messages, or posts or messages on social media directly to individuals to request personal or financial information. They also will not request PIN numbers, passwords, or similar access information tied to your debit or credit cards, or your bank account.
If you do click on a suspicious link, keep an eye on your financial statements.
If you discover an email claiming to be from the IRS, you can simply forward it to firstname.lastname@example.org, and then delete the email. You can also send the URL of a suspicious website to email@example.com with the subject line “Suspicious website.” These attacks are not limited to email! You may even receive a text from a nefarious individual requesting or demanding personal information. You can forward these texts to 202-552-1226 (standard text rates apply).
If you find yourself the victim of a phishing attack, please contact the IRS, file a report with the Treasury Inspector General for Tax Administration (TIGTA), the Federal Trade Commission, and your local police department.
You can visit https://www.us-cert.gov/ncas/tips/ST15-001 for more information and ways to protect yourself.