Beating The Tax Phishers At Their Game
Hackers win because people are stupid and it is this stupidity that will cost you come tax season! Phishing scams are ramping up for the imminent tax season and your business is vulnerable. You might dismiss me, because you bought the malware protection software and you still should. But that software will only protect the technology of your enterprise. The truly talented hackers know how to manipulate your staff, and they don’t need a computer science degree.
To the unfamiliar, phishing is the activity of sending fraudulent messages disguised as legitimate communications and one of the most popular frauds this time of year is the Internal Revenue Service. A typical fraud might involve a criminal calling you to collect unpaid taxes. They will also generally threaten you with immediate arrest if you don’t pay. You should be aware that the Internal Revenue Service would never call you. They only use the mail.
But that software won’t protect you against the email. This time of year you can expect to receive many from phishers claiming to be the Internal Revenue Service. They will send you everything from demands for cash, employee credentials, and links to phony IRS sites. They are seeking to either seize your cash directly or install malware on your network from a remote site.
With few exceptions, all these emails have one thing in common. They all use social engineering in the form of threats to extract compliance from your staff. For example, “Failure to submit documents will result in arrest”. They are also notoriously poorly written and often contain links to fraudulent websites that may claim to be the IRS.
The IRS has received your tax return and determined that you still owe taxes. failure to pay tax is a serious crime. You are liable to immediate arrest.
You can now pay all fees online using the new IRS tax portal. only a credit card is needed to avoid massive fines.
The new enhanced website allows you to enter all of your credentials. after the credentials are entered, the site automatically traces your return. You than must enter your credit card number.
in order to process the transaction and track any further changes, the following info is needed:
- Your full first and last name
- Your social security number
- Your credit card info
Under the Privacy Act of 1974, we must tell you that our legal
right to ask for information is Internal Revenue Code Sections
6001, 6011, 6012(a) and their regulations. [Etc.]
By now you are surely using a spam filter to guard your enterprise, and you should. But if your business is anything like mine, complete protection is a practical impossibility. Legit emails are inevitably snagged as false positives, and some spam always gets through. This might also be impossible for businesses like banks and accounting firms. You are always getting a steady stream of email from prospective clients.
These technological limitations leave you with only one option for complete protection, employee training. All the staff must to be taught from day one how to recognize threatening messages.
How is that working out?
Equifax Officially Has No Excuse
CAPPING A WEEK of incompetence, failures, and general shady behavior in responding to its massive data breach
People are stupid!
If only there was a way for you to remove people from corporate communications?
You could upgrade your spam filter, but spam filters still sometimes reject legit emails. It might also be impossible if your business handles hundreds of letters a day.
You could upgrade your malware software, but that won’t work either. Virus software only catches known malware. It will do nothing to prevent your coworkers from sharing sensitive information.
If only there was a way you could train a computer on corporate communication policies?
In recent years Artificial Intelligence has gained much fame. It used to control the Terminators in Hollywood and blow up perfectly good buildings. Today you wouldn’t recognize your life without it. It recommends movies for you on Netflix and answers your questions on Google. Artificial Intelligence works by analyzing your inputs and optimizing an algorithm to maximize some result. The result could be as simple as maximizing the hits on a website or avoiding collisions in a vehicle. Today’s systems still need human supervision to optimize the algorithm, but once that is done it can be run unsupervised.
Today you could hire a developer to code a spam filter for your enterprise, but that will cost you. AI experts can fetch thousands of dollars per day. New software also has a long development cycle, and it can take several revisions to engineer a reliable application. You could easily spend thirty thousand dollars building the beta version.
If only there was a development kit for Artificial Intelligence?
You’re in luck, because there is. When your staff is too lazy to follow the rules, the robots will always obey your authority. All that you need to do is hire a spam consultant to train the software at an affordable rate. WorkFusion has built a bot that you can start using today for free. It has been my experience that the bot is very intuitive to use. It can notify you when you are inserting wrong inputs and it has already been demonstrated to work as an email filter.
