Oct 21, 2016
Posted in Tax software
Regardless of your lots of hard and smart work coupled with cost-effective pricing, and experience, a few leaked or infected emails can ruin your business as well as its reputation. Since emails are constantly streaming over the Internet, they are always vulnerable to the cyber threats. At some regular intervals, being a top tax body, IRS always passes various information and security bulletins to tax industry for different newly arrived threats and at the same time, they recommend many security patterns to successfully avoid and neutralize those threats. Hence, it is imperative for tax practitioners to know the latest white paper released by IRS about a new email phishing scheme that is causing nightmares to many tax professionals. So, who is that wanted guest, desperately trying to play with our confidential information, let us know.
“Phishing attacks fool users into sending their passwords, in the clear, to an unintended website,” says Dan Boneh, an associate professor of computer science and electrical engineering. “Since Internet users often use the same password at many websites, a phishing attack on one site will expose their passwords at many other sites.” But in layman’s term, Email phishing is a technique used by intruders or hackers to install their utility on user’s computer by falsely claiming to be from some vendor of the user. Later, using the same utility to track the different activity of the user to crack passwords and other confidential information.
The latest security bulletin released by IRS informs tax professionals about a recent phishing scheme that pretends to be from tax software vendor and convincing users to go through some bogus links by tricking. This is not the first of its kind but definitely the latest, that targets tax professionals to fetch some sensitive information like: passwords, social security numbers, or credit card details, or even to make unnecessary payments.
As a tax professional, you must know how exactly you are convinced to follow the intruders instructions. You may receive an email pretending to be sent from the tax software provider, claiming that a update is available for the tax software you use. You open the email, and it contains almost the same material as your tax software provider sends to you. The same email has a downloadable link and you are advised to download the software update through that link. Once you hit the link, it redirects you to a different website and appearing to download a software update with .exe extension.
Once you download and install the software sent by the fraudsters, you believe that you have installed an update but it appears to be especially designed utilities, capable of capturing your keyboard strokes. Since, this is the common practice used by cyber thieves to steal your information like: login details, CC details, and other sensitive and confidential information.
To get more details from IRS: Publication 4557
By Saloni Arora Date : Nov 19, 2018
By Ayushi Jain Date : Nov 13, 2018