<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=352585001801011&amp;ev=PageView&amp;noscript=1">
Jonathan Stone

By: Jonathan Stone on March 3rd, 2020

Print/Save as PDF

Why Hackers Love Tax Season and How You Can Protect Your Business

Cybersecurity | Executive Consulting | In the Media

During tax season, personal information is being exchanged at a much higher rate than any other time of year.

Documents like W2s with Social Security numbers on them are just par for the course. It’s also a time of year when employers and employees engage in tax-related tasks that aren’t routine to them.

There’s often a bit of chaos getting everything in order and even a bit of anxiety over doing it right.

For hackers and scammers who rely on human error and deception, all of this combines to create ideal conditions. I was recently on FOX61 Morning news to offer tips to viewers to avoid tax season scams.

In recent years in Connecticut, we've had some noteworthy cases of W2 fraud.

In one instance, an employee at the Groton School District received what appeared to be an email from their boss asking for the W2 forms of all employees. They complied, unknowingly sending the personal information of 1,300 people to a hacker.

The hacker implemented the same scam with multiple school districts including Glastonbury, where they obtained information that enabled them to file fraudulent tax returns netting some $37,000.

They were ultimately caught, convicted, and sentenced to three years in prison, but this story is all too common. During tax season, companies and individuals fall prey to scams like this frequently but we don’t hear about them because they aren’t public employees.

Typically, the hackers get away with it.

 

Taxes are confusing. It’s no wonder people get tricked.

The Groton School District story is a reminder that most hacks these days aren’t “brute force” attacks in which hackers gain access purely through technological means. They almost always trick individuals into giving up data.

This is all the more true during tax season when people are already sharing their data with accountants, financial planners, and the IRS.

The most common tactic is phishing, which is highly sophisticated these days. A hacker may gain access to an email account at your company and observe the schedule and writing style of the messages, then send an email asking for tax info at the right time and tone for it to be believable.

There are many ways to pull off phishing attacks, so the one crucial rule to remember during tax season is not to email any sensitive information to anyone. Your accountant or comptroller should have a secure system for transferring documents online.

 

Simulated Phishing Test CTA

About Jonathan Stone

In his role as Chief Technology Officer for Kelser, Jon ensures that the strategies we craft advance business outcomes for our clients.

Suggested Posts

Visit Our Learning Center