It’s the end of the year, and with the holidays wrapping up it means “time to get back to work” for most of us, but it means “time to kick into high gear” for hackers. With many companies running with partial staff, identity thieves see them as prime targets. When employees have extra workloads, they can’t spend as much time carefully reading emails, but that just means we need to train ourselves to be cautious.
Every year scammers start bringing out their old standbys for year’s end because people still respond to them. Here are some of the most common tactics, so you and your users can be ready:
- Employee benefits/Health Savings Account scams
These types of scams rely on employees not being informed of company policies. The scammer will send an email telling the employee that their benefits are about to expire, or they need to renew them for the new year. They provide a fake website to “log in” and steal credentials. Avoid this by making sure to ask the appropriate person in your organization about anything benefit related – don’t rely on random emails.
- Microsoft (or other software) End of Year upgrade:
This type of scam involves an email telling you that your software is about to expire, and you need to send money to renew it. Typically, they will try to scare you and tell you that your email account will be closed by Microsoft or something similar. Always ask your IT vendor about the status of your licenses. TechGen will be happy to work with you to manage your software licenses and keep you in compliance.
- Phone call scams (“Vishing”):
With staff overworked, hackers are more likely to try to leverage employee exhaustion by calling directly instead of sending an email. These types of scammers will pretend to be from the IRS, or Microsoft, or some other group that needs credentials, passwords, or access to a computer. None of these organizations will call you out of the blue and make you resolve an issue on the spot.
- Charity scams:
Lots of people want to contribute to charities toward the end of the year, and who doesn’t like making the world a better place? Scammers will utilize this to send fake charity emails, hoping people will send them money. You can avoid these by navigating directly to the website of the charity you want to go to. Don’t send money to people who ask for it over email.
Finally, scammers have been watching the news as well, and they’ve seen the confusion resulting from the new tax law that congress has passed. Expect there to be lots of phishing emails sent out on this topic. Hackers may be sending fake articles for you to click, asking for your information to “help you calculate your new tax liability” or most dangerously, pretending to be government agents and demanding money. The IRS has released a page talking about fake IRS communications and how to avoid them. You can see that here https://www.irs.gov/privacy-disclosure/report-phishing
Stay warm, and stay safe.