With the 2021 tax season underway, cybersecurity analysts are seeing an increase in the number of impersonation attacks focused on stealing personal information through voice phishing, texts, and email and taxpayers are at their most vulnerable during income tax self-assessments due to uncertainties over filing processes. 135 million people filed electronically last year according to the IRS, many on their phones. Unfortunately, there’s no appreciable way to halt these types of impersonation attacks on a large scale. The best defense depends on individual cyber awareness and an understanding of red flags that suggest foul play. Fight Tax Fraud: Cyber Awareness Best Practices Impersonation attackers will seek to exploit taxpayer confusion to persuade and coerce victims into divulging sensitive information. Familiarity with the cyber awareness best practices below will help victims mitigate risk and defend their assets:
- Filing taxes early can prevent scammers from filing them in a taxpayer’s stead
- Use password-protected WiFi and login practices when filing electronically.
- Check URLs for the “s” at the end of “https”, which stands for secure encryption.
- Be wary of "ghost" tax return preparers.
- Respond to official IRS communications as soon as possible.
Practicing cyber awareness by avoiding voicemails, text messages, and emails that seem suspicious can protect individuals from detrimental financial and data loss. Recognizing the signs may mean all the difference for families throughout the United States this coming tax season.
Phones are also a Common Threat Vector for Impersonation Attacks!
Identifying common threat vectors as a taxpayer is a crucial safeguard in protecting information and financial assets, especially going into the 2021 tax season. Scammers contact targets by vishing and encourage them to call back with private information; they also reach out via text or email, posing as the IRS. These may come as reminders to file or tax preparation offers, and some have begun mailing official-looking, fraudulent letters as well. Hackers use these avenues to offer fake tax rebates using malicious links. Impersonators will also leave accusatory voicemails or emails to manipulate victims and cause fear and alarm. The IRS has stated they will not reach out to discuss financial matters through email, text, or social media, and calls are generally reserved for follow-up to an official letter. Malicious messages like this are a prime example of fraud, playing on the fears of the victim to invoke an impulsive response. Thousands of taxpayers fall into these traps every year and Cybercriminals play on taxpayer uncertainty with disinformation, coercing victims into providing banking details, social security numbers, and other personal information.