Cyber Threats Target Small Tax Firms

Cyber attackers are already targeting small tax and accounting firms in 2020. Are you ready to protect your business and your clients from these scams?  
Request A Quote

Cyber Threats Target Small Tax Firms: Are You Prepared to Stop Them?

Cyber attackers are already targeting small tax and accounting firms in 2020. Are you ready to protect your business and your clients from these scams?  

Tax-related cyber-attacks and scams are as guaranteed as the April 15 tax filing deadline. In 2020, small businesses should already be on high alert to guard against these threats.

Small tax firms and accounting firms are at higher risk of cyber attacks because attackers assume they don’t have the cybersecurity resources to handle these threats. By understanding the current threats in the 2020 tax season, your firm can be prepared to handle these cyber threats.

Tax Scams Alerts Washington DC

Common Tax-Related Cyber Attacks

There are two main types of tax-related cyberattacks heading into the 2020 tax season: fake tax emails with attachments containing a macro virus, and legitimate sites that have been compromised with malware. These cyber-attacks require different approaches for prevention and response.

Malware Distribution Through Legitimate Tax Sites

In 2020, cyber attackers are targeting legitimate tax sites more than they ever have before. These attacks work by finding vulnerabilities in website security, such as outdated WordPress installations. This makes small tax firms particularly high-risk, as they have sensitive personal information from clients, but are more likely to lack the necessary cybersecurity resources and know-how to keep their website secure.

Once the attackers find the weakness in your site security, they alter web pages to attempt to download malware on the devices of those who visit those sites. This puts both your firm and your client at risk.

Protect Yourself from Cyber Attacks on Your Tax Website

If you want to protect yourself and your clients from attackers on your site, you must invest in your website security. If you’ve let this all by the wayside because you have a simple site, now is the time to shell out the resources to protect your data and client information. Many hosting companies provide security updates at affordable rates for small businesses, so check with yours about your options. Don’t let the price tag scare you—web security is well worth investing in for this (and all) tax season.

Tax Emails with Macro Viruses

Email cyber threats are not new to the 2020 tax season, but they are a persistent threat. In this scam, cyber attackers send a tax-related attachment that, when opened and installed, allows the scammers to capture sensitive information and use it for other kinds of financial theft.

These emails often seem plausible, so it’s easy for someone who merely skims their email not to notice that the email address or attachment seems off. Attackers find ways to personalize these emails to each recipient, making them appear legitimate.

How to Prevent Malicious Tax Emails

The first step in protecting your clients from email tax scams is to ensure your data is as secure as possible, as discussed above. Prevent cyber attackers from acquiring your information and that of your clients to mitigate their ability to send an email mimicking your company.

Next, be sure to educate your clients about tax scams and be very clear about what you will or won’t send them. If possible, never send attachments to your clients: this makes it very easy for clients to know that any attachment they receive is a scam.

Remind clients to read the sender’s email address and other parts of the email to ensure it matches other communications from your office. If they’re still in doubt, encourage them to call your office to confirm a message is legitimate.

Tax Firm Cybersecurity Solutions

Small tax firms and accounting firms are at a high risk of tax-related cyber attacks in the 2020 tax season, both through email attachment scams and malware plants on company sites. Protect your company and your client data by investing in your cybersecurity and educating clients and staff on these potential scams.