Tax season unleashes cyberscams
NEW YORK (CNNMoney) — As if tax season isn't stressful enough, cybercriminals are also out in full force, looking to unleash attacks against unsuspecting small businesses.
Cybercrooks often use current events to disguise their attacks, said Kevin Haley, director of Symantec Security Response.
In 2011, for example, the royal wedding triggered a huge spike in spamming emails. Similarly, the annual tax filing season creates a perfect storm for cyberschemes.
"Not only do criminals exploit its anxiety and fear factor, but the tax season also gives them the opportunity to generate a variety of social engineering tricks," Haley said.
These typically take the form of (fraudulent) tax-themed messages from the IRS that are actually phishing scams and ransomware.
Small businesses are targeted more than large firms because they're more vulnerable and the schemes are more lucrative.
"Large companies are better protected," said Haley. "Cybercriminals know that smaller firms are more lax with their security and probably keep more money in their bank accounts."
Alex Watson, director of security research at Websense Security Labs, said his firm has tracked a sharp increase in tax-related cyberscams this year against businesses.
"We're seeing about 100,000 IRS-themed email scams circulating every two weeks in the U.S.," said Watson. "They started in late December and it's going strong now."
Here are the three most dangerous cyberattacks:
Financial Trojans: This type of attack uses names of popular tax-prep programs like Turbotax. Haley said targets receive an email with an attachment disguised as an important tax document from Turbotax.
"In most cases, the attachment looks like a spreadsheet or a document file," he said.
If you open it, it launches malware on to your computer or phone. Once it's installed, the malware allows scammers to steal login information and bank account credentials.
Tax-themed phishing scams: Haley said these scams use HTML files that capture personal data and company information and then send it to a server controlled by the cybercrooks.
In its annual list of "Dirty Dozen" tax scams, the IRS highlighted this particular attack, which is carried out through a fraudulent email or website.
The IRS emphasized that it never uses email to request personal or financial information.
IRS-disguised ramsonware: This attack mimics a Crytpolocker threat, meaning the virus seizes control of your computer files and threatens to erase them unless you pay a ransom.
During tax season, Haley said the Cryptolocker virus is disguised in an email that purports to have important tax-related information.
"This is a particularly vicious attack," he said. "It will not only lock your personal files but also encrypt them and hold them for ransom."
Some businesses feel they have no choice but to pay, he said.
Want to outsmart the cybercriminals? Regularly back up important files or encrypt sensitive data, Haley said.
There are other steps small businesses can take to protect themselves from cyberscams.
Good security software is a must, said Haley, as is password protection. Just don't use the same password everywhere! Also, be very careful about clicking on links in an email.
Finally: "Be suspicious," Haley said. "Scammers are quite good at making emails and links look legitimate. Know that the email 'from' the IRS will never be from the IRS."