Watch out for phishy emails during 税金 season
NEW YORK (AP) ― It's 税金 time, so you'd better think twice before clicking on that link in your email inbox.
What may look like a 合法的 communication from your bank, human 資源s department or email provider may 現実に be part of a 計画/陰謀 designed to steal the confidential (警察などへの)密告,告訴(状) 蓄える/店d in your computer, or to 伸び(る) 接近 to the 網状組織 it's 大(公)使館員d to.
専門家s 警告する that 税金 season is a prime time for this brand of 詐欺 known as "phishing," with hackers out to steal your (警察などへの)密告,告訴(状) in hopes of using it to とじ込み/提出する a 誤った 税金 return.
FILE - In this Aug. 21, 2014, とじ込み/提出する photo, shows health care 税金 forms 8962, 1095-A, and 8965, in Washington. It?s 税金 time, so you?d better think twice before clicking on that link in your email inbox. What may look like a 合法的 communication from your bank, human 資源s department or email provider may 現実に be part of a 計画/陰謀 designed to steal the confidential (警察などへの)密告,告訴(状) 蓄える/店d in your computer, or to 伸び(る) 接近 to the 網状組織 it?s 大(公)使館員d to. (AP Photo/Carolyn Kaster, とじ込み/提出する)
Phishing emails remain one of the 最高の,を越す 原因(となる)s of data 違反s. While people are more aware of their danger than ever before, the 誘惑するs continue to 発展させる and 増加する in sophistication, making it 堅い for the 普通の/平均(する) person to discern which emails are 合法的 and which ones aren't.
Here are a few answers to ありふれた questions about phishing:
___
WHY IS IT SO BAD THIS TIME OF YEAR?
Phishing 頂点(に達する)s during 税金 season, 部分的に/不公平に because it's a time of year that many people are accustomed to entering their most personal (警察などへの)密告,告訴(状) ― such as their Social 安全 number or bank account (警察などへの)密告,告訴(状) ― on websites, Satnam Narang, 上級の 安全-返答 経営者/支配人 for 安全 ソフトウェア 製造者 Symantec, says.
Hackers can use that (警察などへの)密告,告訴(状) to とじ込み/提出する 誤った 税金 returns and steal a refund
This year is no exception. Earlier this month, the IRS said that it stopped an attack on the e-とじ込み/提出するing 部分 of its website. Hackers tried to use a combination of malware and 464,000 Social 安全 numbers that had been stolen どこかよそで to 生成する PIN numbers that could be used to とじ込み/提出する fraudulent returns.
No taxpayer data was stolen from the IRS computer systems as a result of the 切り開く/タクシー/不正アクセス.
Phishing also spikes around Christmas, with attacks in the form of 偽の 配達/演説/出産 notifications. Thieves also often tie phishing emails to major 冒険的な events, or natural 災害s like overseas 地震s, says Raj Samani, 長,指導者 科学(工学)技術 officer for Europe, the Middle East and Africa at Intel 安全.
"They're very much up with the 最新の news and (警察などへの)密告,告訴(状)," Samani says. "If they can spend a little more time and get a 0.1 パーセント 増加する in click-throughs, then their (選挙などの)運動をする becomes hugely more profitable and successful."
___
WHAT'S THE DIFERENCE BETWEEN PHISHING AND SPEAR FISHING?
Narang に例えるs phishing to a person casually throwing a 棒 in a lake and waiting for a bite. Phishing emails don't 含む/封じ込める a lot of 明確な/細部s, but are quick and 平易な to send out in 集まり 量s.
"Spear phishing" is much more 的d and personalized. The people behind those attacks spend time 研究ing their 的s ーするために create 高度に customized emails that look much more 合法的 and are much more likely to be clicked on.
The rise of social マスコミ has made this a lot easier. Thanks to Facebook and Twitter, 詳細(に述べる)s 含むing a person's place of 雇用, where they bank, like to shop and the 指名するs and ages of their children are just a few clicks away.
___
WHAT OTHER RED FLAGS SHOULD I BE ON THE LOOKOUT FOR?
In an 成果/努力 to get more people to click on a link before thinking about the possible consequences, many phishing emails will give an impression of scarcity, or 含む some 肉親,親類d of time 限界.
For example, an email made to appear to be from a person's bank or email provider may 明言する/公表する that if that person doesn't click on the enclosed link within 24 hours, they will be locked out of their account.
And while poor English and long, コンビナート/複合体 web links were 以前 sure 調印するs of phishing, they're not as 流布している anymore. Many overseas hackers are no longer using clunky translation websites, because there are fluent English (衆議院の)議長s who 専攻する in translating phishing emails for a 料金, Samani says.
一方/合間, it's become easier to 縮める the Web links that direct a people to 偽の websites, he s ays.
Narang 追加するs that people should be 用心深い of emails 趣旨d to be from banks, or other companies they do 商売/仕事 with, but didn't 選ぶ into emails from. He also 公式文書,認めるs that banks 一般に don't 含む Web links in emails.
Those links will likely take a person to a 偽の website where they will be asked to login and those 信任状 will 最終的に be stolen, he says.
And attacks don't just come in the form of email. They can come as text messages too, with those links often 含む/封じ込めるing ウイルスs, Samani says.
___
IS THERE ANY WAY TO PREVENT A PHISHING-RELATED HACKING?
Basic cyberhygiene can go a long way toward 妨げるing a data 違反, even if a link in a phishing email gets accidentally clicked on.
Using different passwords for different accounts, two-factor authentication and changing passwords frequently all can be a big help. In 新規加入, companies should 実験(する) their 従業員s by periodically sending out 偽の phishing emails to see who 落ちるs for them, Narang says.
And companies need to make sure their 安全 重要なs are up to date, along with their anti-spam filters, so past bad senders don't keep getting through, Samani says.
"I think ありふれた sense goes a かなりの long way," Samani says.
He 追加するs that with any email communications, it's always better to just go straight to the main website of the (独立の)存在 it 趣旨s to be from, just to be on the 安全な 味方する.
"I can't remember the last time I clicked on a link in an email," Samani says. "I just don't do it."
___
Follow Bree Fowler at https://twitter.com/APBreeFowler. Her work can be 設立する at http://bigstory.ap.org/author/bree-fowler.
