How Firms Can Recognize and Fight Phishing Attacks

gloved hand coming out of a laptop taking a credit card
BrianAJackson_istock_phishing
Todd O'Boyle
Chief Technology Officer
Strongarm
Blogger
Share this content

Phishing is one of the most common types of cyberattacks facing accounting firms as criminals work to follow the money, targeting the keepers of large amounts of confidential financial information. 

And with tax season in full swing, we should take a look at what accounting firms and tax preparers need to know about phishing attacks, as well as how they can keep their practices and clients safe.

What is a Phishing Attack?

In a phishing attack, the cybercriminal, posing as a trustworthy source, tries to trick the recipient into taking the attacker’s desired action, such as providing sensitive information. A cybercriminal can cast a wide net with a phishing attack or hand-select a potential victim in a more targeted attack called spear phishing. Once a person takes the bait, the attacker can then use that information to carry out the malicious deed.

Types of Phishing Attacks

One phishing scam making the rounds this tax season involves an attacker pretending to be from the IRS, another accounting firm, or posing as a client, and asking for legal or tax forms, such as a W-2 or W-9. The attacker then races to use the employee W-2 or contractor W-9 to file fraudulent tax returns.

Some other phishing attacks that we’ve been seeing recently involve scams targeting PayPal users and those appearing to be from Apple Tech Support. These phishing emails revolve around your account being “hacked” or an “important” notice regarding your data. 

How to Recognize a Phishing Attack

While phishing can take the form of online advertisements or a phone call, they often take the form of emails. Remember that businesses should not ask for your password, login names, Social Security numbers, or other personal information by email.

If you’re not sure if an email is legitimate, there are several red flags to look out for:

Please Login or Register to read the full article

To access all of the content on our site, register (it's free!) or login to your existing account.

Replies

Please login or register to join the discussion.

avatar
By isutton
Mar 16th 2017 21:02

This is a great read. Given recent events, cybersecurity is a hot button issue in contemporary society. As accountants, we frequently encounter individual's or business' sensitive information. Knowing how to keep that information from being reached by outsiders is paramount to forming a trusting relationship with clients. Everyone should be aware of the tactics and means by which people attempt to access information that they do not own. Thank you for the article, I learned a lot!
-Ian Sutton, May 2017
Tulane University

Thanks (2)
avatar
Mar 21st 2017 04:03

Wow I will recommend it to students of Engineering Colleges in Kolkata. They should definitely have a look.

Thanks (1)