Nothing is certain in this life but death, taxes, and phishing scams. Are you ready to tackle sophisticated fraudsters this tax season?

Phishing Bait - The Art of Deception

It's human nature to be curious, which is why social engineering hackers take their time to research, plan, and execute sophisticated phishing schemes to manipulate unsuspecting targets. Some reports estimate an increase of 60-70% in tax-related phishing since 2016.

The IRS reported that recent tax seasons have seen a rise in payroll personnel being tricked into disclosing employee names, addresses, social security numbers, and more. W-2 forms are the perfect storm of information for these fraudsters if they are successful, which is why education and more stringent handling policies need to implemented.

W-2 Phishing Emails on the Rise

In a recent Internet Crime Complaint Center (IC3) notification, an alert was released regarding the increase in W-2-related phishing emails. According to the IRS Online Fraud Detection & Prevention (OFDP) division, criminals have matured their tactics from single user scamming, to large scale data thefts through compromised and spoofed W-2 emails while impersonating HR professionals, executives, and other individuals in positions of authority. Scammers often lure victims into providing tax and other personal information through soft social skills and malicious links. https://www.ic3.gov/media/2018/180221.aspx

How to Avoid Phishing Scams and Minimize Spamming

If we could distill the two main sources of protection for your business, they would be a robust spam filtering solution and user training to combat against human error.

Spam Filtering technology offers anti-spam and multiple layers of malware protection for secure business email. Installing top-of-the line spam filtering such as our PtMX - Mail Filtering solution (powered by Mimecast), is an essential step in the right direction. This will greatly minimize the onslaught of spam and email phishing by quarantining suspected messages before they even reach user inboxes.

User Training and education cannot be stressed enough. Take appropriate steps to ensure that employees handling sensitive information for your organization understand how to spot W-2 related schemes. It's also important to provide staff the information they need to report potential issues and compromises.

Avoid Phishing Scams by confirming the address of the sender and looking for odd language or typos in the subject title. Is there a threatening tone to the message? Are you being asked for personal information? If so, report the situation immediately. Do not open or forward the email.

How to Report W-2 Phishing Emails

If you suspect that you have responded to a phishing scam, it's important to protect your identity and minimize damage by utilizing the following tips:

Inform your IT department, HR support, and/or outsourced Managed Technology partner immediately if you suspect unusual requests for sensitive data

When in doubt, never open an email with an attachment without reaching out to your IT support for critical review

Employers can learn more about reporting by visiting: https://www.irs.gov/individuals/form-w2-ssn-data-theft-information-for-businesses-and-payroll-service-providers

Make Your Business Email Safer

With over 91% of hacking attacks beginning with phishing or spear-phishing, it's important to combat email related threats before they reach your network. PtMX - Email Security (powered by Mimecast) is Platinum Systems' critical line of defense service.

Users are set up for success with a daily spam digest (email) that contains a summary of quarantined messages. Spam has a near-impossible time passing through multiple layers of filtering before it even reaches quarantine. Messages marked as potentially legitimate are cordoned off, giving users the ability to securely release, block, or permit messages.

Phone App, Web Portal, and Outlook Plugin options are available that allow you to interact with your quarantined messages through a web portal and mobile devices. If you use Microsoft Outlook to check email, an optional plugin is available as well to allow interaction directly with your quarantined messages.

Find out more about our email security services by calling or emailing:

888.910.4407 | solutions@platinumsystems.net

Want to know more?