Tax preparation companies and tax agencies are increasingly facing scams, fraud, and other attacks, according to Robert Capps, Vice President of Marketplace Innovation at NuData Security. On the CyberWire’s Hacking Humans podcast, Capps explained that the digitization of taxes has increased the need for tax organizations to focus on cybersecurity.
“If you're dealing with an agency, a physical organization that is processing your taxes, you drop off the packet, they hand you your taxes, and then you sign, and they get mailed in or even electronically delivered on your behalf - those organizations really need to be taking security into account,” Capps said. “Where taxes, you know, more than a decade ago were all on paper, tax return fraud was the result of breaking into someone's office and stealing boxes of paperwork. Now that's all digital. And so whoever's preparing your taxes or assisting with your taxes really needs to take computer network security into account, and that isn't always the case, right? Some folks are not as computer-literate as we might want them or expect them to be, given their position.”
Capps noted that attackers also use social engineering and malware to go after corporations as well as individuals.
“On the other side of the coin, corporate tax fraud is an issue, and getting information from an employee through social engineering or getting malware onto their computers in the office can create all kinds of havoc not just at tax time, but also attacking bank balances,” Capps said. “And you see unrequested international wire transfers out of corporate accounts to third-party accounts in another country that can't be recovered. Those things are all problems when we talk about the corporate side of the fraud, when companies are defrauded by these same individuals.”
New-school security awareness training can give your organization an essential layer of defense by enabling your employees to avoid falling for scams and other social engineering attacks.
The CyberWire has the story.