They appear to come from a known or trusted source, such as acolleague, bank, credit card company, cloud storage provider, taxsoftware provider or even the IRS.
They tell a story, often with an urgent tone, to trick the receiver into opening a link or attachment.
A specific kind of phishing email is called spear phishing. Rather than the scattershot nature of general phishing emails, scammers take time to identify their victim and craft a more enticing phishing email known as a lure.Scammers often use spear phishing to target tax professionals.
In a reoccurring and very successful scam this year, criminals posed as potential clients, exchanging several emails with tax professionals before following up with an attachment that they claimed was their tax information.
This scam was popular as many tax professionals worked remotely and communicated with clients over email versus in-person or over the telephone because of COVID.
Once the tax pro clicks on the URL and/or opens the attachment, malware secretly downloads onto their computers, giving thieves access to passwords to client accounts or remote access to the computers themselves.
Thieves then use this malware known as a remote access trojan (RAT) to take over the tax professional’s office computer systems, identify pending tax returns, complete them and e-file them, changing only the bank account information to steal the refund.