Your 2020 tax scam training guide
Hold on to your W-2s and returns because tax season is on the way! As if deductions, exemptions and return distribution wasn’t enough, tax season becomes open season for cybercriminals hunting for sensitive information, credentials and even a direct deposit of your employees’ tax returns.
To help you prepare your employees and protect your organization from the upcoming tax season scams, we compiled our top tax season phishing templates and training recommendations plus a free phishing poster and email template to help you communicate the importance of tax season security for every employee at your organization.
Tax season phishing templates
Each of the following phishing templates are available in the Infosec IQ security awareness and training platform, allowing you to launch a simulated phishing campaign to test employees and deliver training to those who need it most.
1. W-2 attachment attack
Attack type: Attachment
Attack objective: Deliver malware
Infosec IQ template name: Tax forms – Attachment w/ drive-by link
W-2 phishing attacks come in many shapes and sizes and often strike in January, when employees are waiting to receive their W-2 from their employer. In this phishing email, the attacker baits the victim into clicking a malicious link or downloading a malicious attachment to install malware on their machine.
2. W-2 business email compromise (BEC) attack
Attack type: BEC
Attack objective: Steal employee or organization information
Infosec IQ template name: W-2 Request
In this W-2 attack, the scammer poses as a manager or executive and targets HR staff to steal the W-2s and personal information of employees. With this BEC attack, the scammer doesn’t need access to a network or business systems. Instead, they only need the victim to reply to the email with the requested information.
3. Free online access to tax forms
Attack type: Drive by or data entry
Attack objective: Steal employee information or credentials
Infosec IQ template name: Tax Form Management Access
Generic offers to access your tax documents are another popular phishing tactic used to redirect victims to a malicious website. These attacks may also redirect the victim to a spoofed login page to steal the victim’s personal information such as their social security number.
4. Tax preparation software drive by
Attack type: Drive by
Attack objective: Redirect to malicious site
Infosec IQ template name: H&R Block – File Your Taxes
Some scams approach tax season from the opposite direction by impersonating tax preparation software, services or CPAs. These attacks work like most common drive by attacks, but leverage tax season to create urgency with short-term or extravagant offers.
5. Tax return credential theft
Attack type: Drive by or data entry
Attack objective: Steal employee information or credentials
Infosec IQ template name: TurboTax – Return Accepted
In an even more sinister variation to tax preparation scams, some hackers attempt to steal login credentials to access victims’ tax software accounts. Once gaining access, attackers can retrieve personal information and documents or interfere with the victim’s filing process or tax return.
6. IRS tax notice
Attack type: Attachment, drive by or BEC
Attack objective: Steal employee information or credentials
Infosec IQ template name: Tax Notice
Although the IRS insists it will never contact taxpayers via email, text message or social media, scammers continue to use these tactics to trick victims into clicking malicious links, downloading attachments or even sending payments. Although these attacks peak during tax season, they are frequently used year-round.
To read the rest of the blog, click here »