Cybersecurity Report – Tax Refund Fraud

Yes, it is that time of year, and since many of us expect a refund from our government, this post aims to raise awareness of some of the potential threats and scams that exist.

Tax Refund Fraud

This tax season, more people are falling victim to tax refund fraud. Tax refund fraud happens when someone submits your information to the IRS and claims the refund in your name, having the money sent to their address and not yours.

Prevention

File your tax return early and quickly. Safeguard your Social Security number and personal details.

Recovery

Contact the IRS if you think this has happened to you.

Reference

Thieves Nab IRS PINs to Hijack Tax Refunds

DROWN Attack

DROWN is the exploitation of a problem that exists in the technology that keeps private web traffic secure. With it, an attacker can intercept web traffic, decrypt it, and look at its contents. The contents could include things like usernames, passwords, and credit card numbers.

Prevention

While this is not something that directly affects your personal computer, someone could intercept your web traffic at places like coffee shops or hotels. If possible, use a VPN in these types of environments. You can check whether your organization’s site, or sites that you frequent, are vulnerable at https://drownattack.com/#check and inform the site’s administrators so they can fix it.

Recovery

Varies depending on if, how, and what information gets intercepted due to DROWN.

Reference

DROWN Attack

Another Ransomware Example

Ransomware-spreading emails take many forms. Here is another example:

From:  Thanh Sears
Date:   11 March 2016 at 10:29

FW: Payment 16-03-#507586

Dear [redacted],

We have received this documents from your bank, please review attached documents.

Yours sincerely,

Thanh Sears – Financial Manager

Attachment: payment_doc_507586.zip


Prevention

As with the previous example, do not open email attachments if you do not know who it came from.

Recovery

As with the previous example, the best recovery is a known good recent backup.

Reference

Malware spam: “FW: Payment 16-03-#507586” / “We have received this documents from your bank, please review attached documents.”

About PEO Compass

The PEO Compass is a friendly convergence of professionals and friends in the PEO industry sharing insights, ideas and intelligence to make us all better.

All writers specialize in Professional Employer Organization (PEO) business services such as Workers Compensation, Mergers & Acquisitions, Data Management, Employment Practices Liability (EPLI), Cyber Liability Insurance, Health Insurance, Occupational Accident Insurance, Business Insurance, Client Company, Casualty Insurance, Disability Insurance and more.

To contact a PEO expert, please visit Libertate Insurance Services, LLC and RiskMD.
