We realize that Identity Theft is a real risk to everyone and are doing all we can to protect your data.. We are using Office 365’s Email Encryption to secure our communications with you assuming your email is able to received encrypted messages. We have increased our network security and employed more secured systems in order to reduce risk to your tax data.
On your end, please make sure that you are on the lookout for spear phishing emails. These differ from general phishing emails in that the thief has researched the target before sending the message. An email may appear to be from a colleague, a client, a cloud storage provider, tax software provider, the IRS, or a state government. Spear phishing emails are one of the most common way data thieves will try to steal your personal information.
Here are some facts about spear phishing emails to help you recognize the scam and avoid becoming a victim:
- The objective of a spear phishing email is to pose as a trusted source and bait the recipient into opening an embedded link or an attachment.
- The email may make an urgent plea to update an account immediately. This link may seem to go to another trusted website, but it’s actually a phishing website controlled by the thief.
- Those who fall victim to spear phishing tactics often voluntarily disclose sensitive password information. This can also happen by clicking on a malicious URL or malicious attachment included in the spear phishing email which then installs malicious software.
- An attachment may contain malicious software such as a keylogger. Once installed, the keylogger secretly records every keystroke typed on the computer which is then made available to the thief. With certain malicious software, thieves can lock out users from a computer, steal passwords to accounts, or even take remote control of computers. This allows thieves to steal taxpayer data.
- Once a thief succeeds with their spear phishing scam, it allows them to create additional spear phishing scams. The criminal does this by targeting clients, colleagues and friends of the original recipient.
The IRS and its partners in the Security Summit are alerting tax professionals to spear phishing emails as part of the Tax Security 101 awareness initiative to provide the basic information that they need to better protect taxpayer data and to help prevent the filing of fraudulent tax returns. We are paying close attention to this information and will continue to keep you updated on best practices for protecting your identity.