Greenshades Blog


Keep an eye out for phishers

Posted on January 11th, 2017

By The Greenshades Security Team

In preparation for the upcoming tax season, the Internal Revenue Service is urging all employees and companies to take steps to fight against identity theft and tax fraud. Greenshades wants to help you secure your year-end tax filing and tax form services.

In this blog post, we want to remind you to be on the lookout for phishing scams. Phishing is where an attacker tricks you into giving them information you otherwise would not. The IRS saw an approximate 400 percent surge in phishing and malware incidents during the 2016 tax season. In fact, the easiest way for an identity thief to steal taxpayer information is by simply asking for it. As a result, each day people fall victim to phishing scams through emails, texts, or phone calls, and mistakenly turn over important data. Then, cybercriminals try to use that data to file fraudulent tax returns or commit other crimes.

Many scam emails are designed to trick employees into thinking the emails are official communications from the IRS or others in the tax industry, including tax software companies like Greenshades. These phishing schemes can ask employees about a wide range of topics. Emails can seek information related to tax refunds, filing status, confirming personal information, ordering transcripts, verifying PIN information, and asking people to verify their tax software account.

Some scam emails request that people click on links contained in the emails. When people click on these email links, they are taken to sites designed to imitate an official-looking website, such as IRS.gov or GreenshadesOnline.com. The sites may ask for Social Security numbers, passwords, and other personal information, which could be used to file false tax returns. The sites also may carry malware, which can infect computers and allow criminals to access your files or track your keystrokes to gain information like your username and password.

Variations of these scams can be seen via text messages or phone calls, and the misleading communications can be seen in every section of the country.

To help prevent falling victim to a phishing attack, follow these Greenshades security tips:

  • Look for the “Lock” Browser Icon. When using Greenshades online services, always look for “https” at the beginning of the web address and the “lock” icon in the web address.  This indicates that the site uses encryption to protect your information when it is transmitted to us. Fraudulent and unencrypted sites can begin with an “Http” address.  If you click on the “lock” icon on your browser, it will display information that shows the certificate that certifies you are on the correct site.

1 - lock

  • Look for your security image. When you log in to GreenshadesOnline.com as an administrator, you are always shown your security image. This should be the image you selected when you set up the account. If the image is missing or is incorrect, do not proceed. Contact Greenshades security immediately.

2 - security image

  • Be Suspicious of Emails and Learn to Recognize Phishing Emails. To help prevent you and your employees from falling for phishing scams, take the time to examine, identify, and avoid emails that:
    • Contain a Link. Scammers often pose as the IRS, financial institutions, credit card companies, tax companies, or software providers. These scammers may claim that the recipients must update their accounts or change their passwords. The email offers a link to a spoofing site that may look similar to the legitimate official website. Employees should follow a simple rule: Don’t click on the link. If in doubt, they should go directly to the legitimate website to access the account.
    • Contain an Attachment. Another option for scammers is to include an attachment to the email. This attachment may be infected with malware that can download malicious software onto the recipient’s computer without their knowledge. If it is spyware, it can track the recipient’s keystrokes to obtain information about their passwords, Social Security Number, credit cards or other sensitive data. Remember, employees shouldn’t open attachments from unknown sources.
    • Are from a “Government” Agency or “Financial Institution.” Scammers attempt to frighten people into opening email links by posing as government agencies, financial institutions, and even tax companies. Thieves often try to imitate the official organizations, especially tax-related ones, during the filing season.
    • Are from a “Friend.” Scammers also hack email accounts and try to leverage the stolen email addresses. Recipients may receive an email from a “friend” that does not seem right. It may be missing a subject in the subject line, or contain odd requests or language. If the email seems “odd,” employees should avoid clicking on any links or opening attachments.
    • Contain a False “Look-alike” URL. Scammers may try to trick the recipient of an email into clicking on an illegitimate URL or web address. For example, instead of including a link to “www.IRS.gov,” the email may contain a false look-alike URL such as “www.irs.gov.maliciousname.com.” To verify the authenticity, a recipient can place their cursor over the text to view a pop-up of the real URL.

As always, if you have questions or concerns, please contact security@greenshades.com.