Phishing and taxes: what you need to know about the IRS data breach
Last week’s news about the IRS getting hacked may have seemed a bit ironic and less significant than this year’s earlier Anthem and Premera incidents, but it’s all part of a very bad larger picture. This newly reported IRS hack of 100,000 taxpayers appears to have preceded and enabled the more recent tax refund fraud scheme as part of a very organized attack.
The very worrying parts of this trend are the scale, organization, and long-term implications. Many of these incidents involve mind-blowing amounts of data (100,000 tax returns, 11 million healthcare records, 80 million identities) captured by groups that have the skill, resources, and evidently the plan to leverage these records for maximum financial and personal gain.
While there may not be any positives in this hack, perhaps the audacity of the hackers and the notoriety of the target will help bring additional public awareness to the things that security experts are consistently recommending as the most effective approaches to avoiding exposing you or your organization:
- Watch out for phishing and spear phishing emails that try to get you to divulge credentials or sensitive information.
- Enable multi-factor authentication for important applications.
- Use the strongest passwords supported by your applications and change them often.
- Don’t reuse passwords across different log-ins.
Intermedia recently published an eBook about spear phishing. We recommend McAfee Advanced Email Protection with ClickProtect to our customers to help defend against these threats. Additionally our Intermedia AppID® service offers 2-Factor Authentication and password management to protect your credentials across your accounts.
You should consider these or comparable services for your organization.
To learn more, check out our spear phishing eBook or our white paper on security for Hosted Exchange.