There’s an old saying about the two constants that everyone must deal with: death and taxes. With today’s technological advancements, a third should be added…phishing scams.
The term “phishing” refers to the act of a scam artist posing online as a legitimate company or entity with the intent of depriving unsuspecting users of their money or personal identity. Like the name suggests, scammers are literally “fishing” for willing victims online. While most phishing scams focus on consumers, the IRS has warned of new schemes that target businesses and professional firms.
Essentially, scammers will send emails pretending to be software companies asking to load updated versions of tax software onto a user’s computer. However, instead of including new software, the user will download malware onto their machine that will track the user’s keystrokes, search patterns and seek out other sensitive information such as logins and passwords.
While the Internal Revenue Service has only seen a handful of cases where information has lost to such a scam, it is a reminder of how vigilant businesses must be when handling sensitive financial information.
To that end, the IRS discourages users from clicking on links or open attachments in emails sent from companies or individuals they do not know. Additionally, support staff should be trained on how (and why) they should not respond to unfamiliar emails or electronic correspondence. Also, consistent reviews of any software used to allow employees to remotely access the firm’s network should be made to protect against unauthorized access.
The preceding is not legal advice.