Increase in phishing scams during tax season
Incidents of tax fraud become increasingly prevalent during tax season, and University Information Security (UIS) reports that it has taken action on the first tax-related phishing attempt of the season. This phish asks recipients to click to view a “paperless W2” and links to a false login page that captures University Internet IDs and passwords. A copy of the attempt can be viewed on the University’s Phishing Scam website.
UIS took immediate steps to mitigate this phishing attempt, blocking the site from the University network and verifying that Internet Explorer, Chrome and Firefox warn users of unsafe content when attempting to access. It also has reached out to the owner of the site to take it down.
UIS cautions that this is likely the first of many tax-related phishing attempts targeting the University, and encourages faculty and staff to exercise caution with email and web browsing. It recommends that users follow the steps below to protect their personal information:
- If in doubt, reach out. Be suspicious of any communication that appears to come from the University, IRS or any other government entity and asks for identity, login or tax information. Contact the sender of the message, or forward it to UIS at firstname.lastname@example.org prior to taking action.
- Follow browser warnings. Many web browsers, such as Internet Explorer, Chrome, and Firefox will warn users of unsafe content. Do not proceed to these flagged sites.
The University has measures in place to reduce exposure to fraudulent emails but it is impossible to block them all. We all have a responsibility to protect our personal information.