Be prepared for social engineering scams this tax return season

Issue 1 2022 Cyber Security

As people get ready to file their taxes in many parts of the world, cybercriminals are getting ready too. Tax-return time is open season for cybercrime, and it's likely to be worse this year because so many people are still working from home on various devices connected to unsecured networks.

Aamir Lakhani.

Although cybercriminals use other sophisticated tactics to steal information, social engineering scams are low-hanging fruit, especially during tax season. Fortunately, everybody can take steps to avoid falling victim to a social engineering scam.

Watch out for these social engineering attacks

Cybercriminals are out in force, eager to prey on the stress and uncertainty surrounding tax season. Attacks may take the form of phishing email campaigns or phone calls from people claiming to be from SARS or a collection agency. To appear legitimate, scammers may use stolen data with personal information, such as ID numbers.

Cybercriminals use a 'spray-and-pray' model for phishing campaigns. They send thousands of emails, hoping that at least one person will fall victim to the attack. Spear-phishing attacks are a targeted form of phishing that can be more difficult to detect because the emails are personalised to appear as if they were sent by someone the recipient knows. In the past, spear phishing was challenging to implement, but now some advanced cybercriminals use machine learning and artificial intelligence to execute these attacks more efficiently.

Who is the most vulnerable to social engineering attacks?

During tax season, the prime targets for tax refund scams are foreign work permit holders, small business owners, new taxpayers under the age of 25 and older taxpayers over 60. Cybercriminals assume these people may be less informed about tax policies and what to expect, so they may be more vulnerable to emotional manipulation. For example, the scammer may claim that the potential victim has missed an important tax deadline and pressure the victim to act quickly.

How to protect yourself against tax refund scams

If you know what to look for and how to handle suspect emails or phone calls, you can avoid becoming a victim of tax season social engineering attacks. Here are a few tips for effectively defending against social engineering attacks:

• Look for grammatical issues and typos. Often, phishing emails contain errors that are easy to spot. If a message includes several spelling or grammar errors, odds are good that it is not legitimate.

• Be sceptical. Always consider any unexpected emails or phone calls claiming to be from SARS or other governmental agencies to be suspect. If you are concerned about the legitimacy of a sender or caller, don’t give the person any information. Instead, contact SARS or the governmental agency directly to verify the caller's identity.

• Don’t share personal information. Don’t give out your ID number or credit card information over the phone or via email. Scammers may pressure you to do so and try to convince you that something terrible will happen if you don’t act immediately. Hang up or delete the email.

• Warn family and friends who may be vulnerable to attacks. Share cybersecurity information with others and encourage them to get educated. The Fortinet NSE Training Institute offers cybersecurity awareness training that covers key cybersecurity terms, the motivations behind cybercrime, attack methods and protection tactics.

• Use technology to help prevent attacks. Secure email gateway (SEG) solutions such as FortiMail can protect all inbound and outbound email traffic. Like other Fortinet products, FortiMail integrates seamlessly with the Fortinet Security Fabric and is backed by FortiGuard Labs. FortiClient is an advanced endpoint protection solution with a built-in VPN client and zero-trust network access. It connects an endpoint such as a laptop with the Security Fabric and delivers integrated endpoint and network security.

Although tax-return season can be stressful, knowing the signs of a social engineering attack can keep you from becoming a victim. Fortinet made all of its self-paced online courses from the Fortinet Training Institute available for free to all starting at the beginning of 2020.

Learn more at

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Cyber is a core component of access control
Access Control & Identity Management Cyber Security
When it comes to access control and identity management, cybersecurity plays a critical role in helping to ensure that only authorised users can gain access to a system and that they are who they claim to be.

Governing cybersecurity from the top as a strategic business enabler
Cyber Security
C-Suite executives still do not take cybersecurity seriously enough, while boards are not nearly as engaged in cybersecurity as they are in other areas of oversight.

It is time to take a quantum leap in IoT cybersecurity
Drive Control Corporation Cyber Security
IoT has become integrated everywhere, including enterprises. While it offers many benefits, such as increased productivity and the rollout of mission critical applications, it can also lead to (enterprise) cyber-attack vulnerabilities.

What to do in the face of growing ransomware attacks
Technews Publishing Cyber Security Security Services & Risk Management
Ransomware attacks are proliferating, with attackers becoming more sophisticated and aggressive, and often hitting the same victims more than once, in more than one way.

Can we reduce cyberattacks in 2023?
Cyber Security
Zero-trust cybersecurity strategy with simplicity and risk reduction at the heart is mandatory to reduce exponential cyberattacks in 2023, says GlobalData.

Key success factors that boost security resilience
Cyber Security
Adoption of zero trust, secure access service edge and extended detection and response technologies, all resulted in significant increases in resilient outcomes, as are executive support and cultivating a security culture.

Enterprise threats in 2023
News Cyber Security
Large businesses and government structures should prepare for cybercriminals using media to blackmail organisations, reporting alleged data leaks, and purchasing initial access to previously compromised companies on the darknet.

CA Southern Africa unmasks container security
Technews Publishing IT infrastructure Cyber Security
Adoption of software containers has risen dramatically as more organisations realise the benefits of this virtualised technology.

Shifts in threat landscape to industrial control systems
Cyber Security
Kaspersky’s ICS CERT researchers’ predictions include increased attack surface due to digitisation, activities of volunteer and cybercriminal insiders, ransomware attacks on critical infrastructure as well as the technical, economic and geopolitical effects, and the rise of potential vulnerabilities being exploited by attackers.

Advanced persistent cybercrime
Cyber Security
FortiGuard Labs predicts the convergence of advanced persistent threat methods with cybercrime. Advanced persistent cybercrime enables new wave of destructive attacks at scale, fuelled by Cybercrime-as-a-Service.