Don’t Fall Victim to Spear Phishing
Did you know that spear phishing email is the most common way data thieves enter a tax pro’s digital network to steal client information? Week four of the IRS’ “Tax Security 101” campaign takes a deep dive into this cyber crime.
With spear phishing emails, thieves have researched their targets. An email may appear to be from a colleague, a client, a cloud storage provider, tax software provider or the IRS. The objective is to pose as a trusted source and bait the recipient into opening an embedded link or an attachment. An attachment may contain keylogging software that allows the thief to see every keystroke. Thieves can steal passwords to various accounts or even take remote control of computers, enabling them to steal taxpayer data.
Below are some tips to help tax pros avoid phishing scams:
Use separate personal and business email accounts.
- Install an anti-phishing toolbar to help identify known phishing sites.
- Never open or download attachments from unknown senders, including potential clients. Instead, make first contact by phone.
- Make sure documents you email to clients are password-protected and encrypted.
- Do not respond to suspicious or unknown emails.
- If suspicious emails are IRS-related, forward them to firstname.lastname@example.org.
for more tips on how to protect yourself from spear phishing attacks.