{"id":17874,"date":"2020-03-17T20:26:27","date_gmt":"2020-03-18T04:26:27","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11607\/"},"modified":"2020-03-17T20:26:27","modified_gmt":"2020-03-18T04:26:27","slug":"news-11607","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11607\/","title":{"rendered":"Tax Scams \u2013 Everything you need to know to keep your money and data safe"},"content":{"rendered":"

Credit to Author: Trend Micro| Date: Tue, 10 Mar 2020 13:08:46 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Tax season has always been a pretty nerve-wracking time for hard-working Americans. But over the years, technology advances have arrived to gradually make the process a bit easier. The bad news is that they can also introduce new cyber risks and even more stress.<\/p>\n

There are two things that cybercriminals are always on the hunt for: people\u2019s identity data from their accounts, and their money. And during the tax-filing season both can be unwittingly exposed. Over the years, cybercriminals have adapted multiple tools and techniques to part taxpayers with their personal information and funds.<\/p>\n

Let\u2019s take look at some of the main threats out there and what you can do to stay safe.<\/p>\n

What do they want?<\/strong><\/p>\n

Cybercrime is a highly efficient money-making business. Some reports suggest this underground economy generates as much as $1.5 trillion each year. (See Into the Web of Profit<\/em><\/a>, April 2018, McGuire, Bromium.)<\/em> And tax-related scams are an increasingly popular way for the bad guys to drive-up profits. The Internal Revenue Service<\/a> (IRS) claims that \u201cthousands of people have lost millions of dollars and their personal information\u201d to such attacks.<\/p>\n

The bottom line is that they\u2019re after one of two things: to trick you into wiring funds to them, and\/or to get hold of your personally identifiable information (PII), including bank account and Social Security Numbers (SSNs). This personal data can subsequently be used to defraud you or the IRS, or may be deployed in follow-on identity fraud schemes to capture illicit funds from you.<\/p>\n

There are various ways cyber-criminals can achieve these goals. The most common is by using social engineering tactics to trick taxpayers into sending money or personal information. But they might also use malware, either delivered to you personally or targeted at your tax preparer. This means you not only have to look after your own cybersecurity but also demand that the third-party businesses you work with store and transmit your sensitive information securely.<\/p>\n

Look out for these scams<\/strong><\/p>\n

Here\u2019s a round-up of the most popular tactics used by tax scammers today:<\/p>\n

Impersonation: <\/strong>The fraudster gets in touch pretending to be an IRS representative. This could be via email, phone, social media or even SMS. They usually claim you owe the IRS money in unpaid taxes or fines and demand a wire transfer, or funds from a prepaid debit card. Sometimes they may ask for personal and financial details\u2014for example, by claiming you\u2019re entitled to a large tax refund and they just need you to supply your bank account info.<\/p>\n

These interactions are usually pushy. The scammer knows the best way of making you pay up is by creating a sense of urgency and, sometimes, shaming the individual into believing they\u2019ve been withholding tax payments. Phishing emails may look highly convincing, right down to the logo and sender domain, while phone callers will use fake names and badge numbers. Sometimes the scammers use personal data they may have stolen previously or bought on the Dark Web to make their communications seem more convincing.<\/p>\n

In some impersonation scams, the fraudsters may even pretend to work for charities<\/a> and ask for personal details to help disaster victims with tax refund claims.<\/p>\n

Spoofing, phishing, and malware: <\/strong>In some cases, a text, email or social media message spoofed to appear as if sent from the IRS or your tax preparer actually contains malware. The scammers use the same tactics as above but trick the recipient into clicking on a malicious link<\/a> or opening an attachment laden with malware. The covert download that follows could result in: theft of your personal information; your computer being completely hijacked by hackers via remote control software; or a ransomware download<\/a> that locks your computer until you pay a fee.<\/p>\n

Fake tax returns: <\/strong>Another trick the scammers employ is to use stolen SSNs and other personal information to file tax returns on your behalf. They can then try to claim a large payment in tax refunds from the IRS. The PII they use to file in your name may have been taken from a third-party source without your knowledge, and the first you might hear of it is when you go to file a legitimate tax return. It can take months to resolve the problem.<\/p>\n

Attacks targeting tax preparers: <\/strong>Over half of Americans<\/a> use third-party tax preparation companies to help them with their returns. However, this offers another opportunity for scammers to get hold of your sensitive information. In one recently discovered campaign<\/a>, malware deployed on tax preparers\u2019 websites was designed to download to the visitor\u2019s computer as soon as they loaded the page. The IRS warns<\/a> that businesses large and small are potentially at risk, as scammers are keen to get hold of tax information which enables them to file highly convincing fake returns in your name.<\/p>\n

What to do<\/strong><\/p>\n

The good news is that by taking a few simple steps you can insulate yourself from the worst of these scams. Remember: the IRS does not contact<\/em><\/strong> taxpayers by email, text messages or social media to request personal\/financial information\u2014 so if you receive communications that do, they are definitely a scam. It\u2019s also important to remember that scams happen all year round, not just in the run-up to the tax filing deadline. That means, unfortunately, that you need to be on your guard all the time.<\/p>\n

Here are a few other recommendations:<\/p>\n\n\n\n\n
<\/td>\n\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

It also pays to demand that your tax preparer take their own precautions to keep your data secure. They should not be sending sensitive data or documents unencrypted in emails and must take steps on their own to combat phishing emails that target employees, since these can cascade to you during your tax preparation process. Whether hosted in the cloud or running on-premises, the servers that hold your data should also have adequate protection\u2014and you have a right (and a duty to yourself) to ask ahead of time what they\u2019re doing to protect it.<\/p>\n

According to the IRS<\/a> tax preparers should put the following internal controls in place:<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • Install anti-malware on all web and storage servers and keep their software automatically updated.<\/li>\n
  • Encourage the use of unique, strong passwords via a password manager for each account, and deploy multi-factor authentication technology for clients.<\/li>\n
  • Encrypt all sensitive files and emails exchanged with strong password protections.<\/li>\n
  • Back-up sensitive data regularly to a secure off-site source.<\/li>\n
  • Wipe clean\/destroy any old hard drives and printers containing sensitive data.<\/li>\n
  • Limit access to taxpayer data to staff who need to know.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

How Trend Micro can help<\/strong><\/p>\n

Trend Micro offers a range of security tools to help taxpayers keep their personal and financial information safe from fraudsters.<\/p>\n

Our flagship consumer solution Trend Micro Security<\/a> (TMS) provides the following protections:<\/p>\n\n\n\n\n
<\/td>\n\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

To find out more, go to our Trend Micro Security<\/a> website.<\/p>\n

The post Tax Scams – Everything you need to know to keep your money and data safe<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Trend Micro| Date: Tue, 10 Mar 2020 13:08:46 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Tax season has always been a pretty nerve-wracking time for hard-working Americans. But over the years, technology advances have arrived to gradually make the process a bit easier. The bad news is that they can also introduce new cyber risks and even more stress. There are two things that cybercriminals are always on the hunt…<\/p>\n

The post Tax Scams – Everything you need to know to keep your money and data safe<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[11013,18778,10453,10789,24379,11738,23281,19990,24380],"class_list":["post-17874","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-anti-malware","tag-anti-phishing","tag-antivirus","tag-consumer","tag-identity-protection","tag-multi-factor-authentication","tag-password-management","tag-ransomware-protection","tag-tax-scams"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17874","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17874"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17874\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17874"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17874"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17874"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}