RE: Phishing Season
February 2, 2020

Post

Cybercriminals are known to use seasonal behaviors as well as crises to take advantage of human nature. Cybersecurity experts and organizations are asking people to be especially mindful of the following scams during this time of year.

IRS Impostor Scams

are in full force during tax season. An impostor will claim that you owe taxes and then demand immediate payment 鈥 usually in the form of a prepaid debit card or gift card. They can be fairly convincing because your caller ID might show that the IRS is calling, and they are often able to recite the last 4 digits of your Social Security Number.

It is important to understand that the IRS does not send unsolicited emails and will never engage in this behavior.

W-2 Solicitation

Cybercriminals are continuing to into disclosing sensitive information such as employee name, SSN, income, tax withholdings, etc. By posing as high level management or executives, and engaging in casual conversation, they lure people into handing over PII for the organization鈥檚 entire workforce.

Phishing scams are also targeting W-9 forms since they include similar sensitive information.

Tax Identity Theft

Tax identity theft occurs when cyber thieves use someone else鈥檚 personal information to fraudulently file and claim a return. People need to be vigilant in protecting their Social Security Number, passwords, etc. by not giving them out to unverified people or websites.

The Federal Trade Commission (FTC) recently created a website in an effort to help educate taxpayers. The FTC鈥檚 #1 piece of advice is to 鈥淧rotect your SSN throughout the year. Don鈥檛 give it out unless there鈥檚 a good reason and you鈥檙e sure who you鈥檙e giving it to.鈥

The Coronavirus

Cybercriminals are exploiting concerns over this latest event to try to lure victims into responding. Currently, this scam uses the World Health Organization logo as a lure to add legitimacy.

Fortunately, the current iteration of this phishing scam is unprofessionally formatted, contains several spelling errors, and its destination website it highly suspect, all of which are indicators that should raise several red flags.

Romance Scams

Although this may initially seem unnoteworthy, Valentine鈥檚 Day is almost here. Romance scams are so prevalent and profitable that the FBI recently issued a warning along with .

Remember to be mindful when using email and make sure that you recognize phishing attempts when they occur. Do not click links or open attachments unless you can verify the sender is legitimate and know the content is safe.

 

If you have any questions regarding this advisory, please feel free to email the Office of Information Security.