The 2014 Tax Season is upon us and the US Computer Emergency Readiness Team (US CERT, http://www.us-cert.gov/) is providing some good advice for the barrage of scams and malware campaigns that are certain to come. We’ve already seen this story from the BBC that 360 million account credentials including email addresses and passwords were reportedly uncovered, many of which were tax preparers and I suspect will be used in spear phishing attacks as the criminals piece the data together. We will be posting information about attacks on our Facebook page and Helpdesk news site as we find them but the the liklihood of us catching all of them is very low. Take a moment to review the article over on US CERT and, anytime that you get online solicitations that are reportedly from the IRS or your / a tax preparer, always be skeptical. If you weren’t expecting it, rather than clicking the link or replying to the email, contact the reported sender via phone and confirm that they sent it. If they did not, you may be able to provide them with information (where the email reportedly came from, where the link leads to, etc.) that can help track down the criminal and keep them from targeting someone that wasn’t so tech savvy.
US CERT Warning – http://www.us-cert.gov/ncas/current-activity/2014/02/26/US-Tax-Season-Phishing-Scams-and-Malware-Campaigns