As per IRS bulletin IR-2016-103, The Internal Revenue Service recently alerted tax professionals of a phishing email virus that pretends to be from tax software providers and directs recipients to click on a bogus link. This email scheme is just one in a series of attempts by e-cons to use the IRS or other tax or related issues as a cover to fool people into giving up sensitive information such as passwords, Social Security numbers and credit card numbers, or to make unnecessary payments.
In this latest scheme, tax professionals in particular are receiving emails pretending to be from tax software companies. The bogus email requests the recipient to download and install an important software update via a link included in the e-mail. Once the recipient clicks on the embedded link, they are directed to a website prompting them to download a file appearing to be an update of their software package. The file looks legitimate as it has a naming convention that uses the actual name of their software followed by an “.exe” extension.
While the software user believes they have downloaded a software update, they in fact have downloaded a program designed to track the users key strokes, a common tactic used by cyber thieves to steal login information, passwords and other sensitive data.
Similar email phishing viruses using tax software names, as well as the IRS name, have targeted other businesses and individuals.
The IRS and computer professionals in general urge all computer users to be very aware of security threats posed by identity theft issues. The IRS’s awareness campaign is an ongoing effort to urge tax professionals and private individuals to step up their security protections and be aware that they we are all the targets of cyber-criminals.
IRS/Professionals urge all individuals to take the following security steps:
- Never click on any link from any unknown source or individual.
- Even if you know the source, always confirm with the sender that they did send the message and it is safe to open the link.
- Be alert for phishing scams. Do not click on links or open attachments contained in e-mails from supposed vendors. Always utilize a software provider’s main webpage for updating software.
- Review any software that employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.
- Run a security “deep scan” to search for viruses and malware.
- Strengthen passwords for both computer access and software access; make sure your password is a minimum of 8 digits long (more is better) with a mix of numbers, letters and special characters.
- Educate all associates and family members about the dangers of phishing scams in the form of emails, texts and calls.
About Time & Pay:
Time & Pay is a professional payroll service provider located in Johnson City, TN. We service businesses of all sizes and types throughout the United States. Founded in 1992, Time & Pay provides businesses with complete payroll services , guaranteed payroll tax compliance, automated time and attendance systems and services, pay-as-you-go worker’s comp, human resource management systems and services, ACA compliance and more. We provide our customers with the cost effective tools you need to better manage your payroll, your employees and your business. Time & Pay’s services guarantee you will save money, time and aggravation and we back them up with the customer service you expect and deserve. Contact Us today to learn why business owners throughout the country are saying:
“Time & Pay! Why would you do payroll and timekeeping any other way?”
Payroll Services in Kingsport, TN; Bristol, TN; Johnson City, TN; 423-854-9042
Payroll Services in Morristown, Greenville, Knoxville, TN 423-957-9505
Payroll Services in Cleveland, Chattanooga, TN 423-794-7855
Payroll Services in Newport News, VA 757-240-2766