|Read your email carefully to avoid falling prey to phishing attempts, especially during the tax season.|
Every day, your email inbox is bombarded with spam, which most people properly ignore. Laboratory users are well aware that this spam is designed to extract personal information, such as passwords and financial account numbers. With this information, Fermilab personnel know to safeguard this information carefully.
However, when attackers tailor spam to coincide with events in your life, you can let your guard down. One common example is malicious requests to verify email account information due to oversubscribed email quotas or other issues purported to prevent users from accessing their email. When such messages, by happenstance, coincide with current FNAL email migration, users may fail to be properly suspicious.
An upcoming seasonal scam involves tax relief and tax refund mailings. These emails are intended to arrive in inboxes shortly after taxpayers file their yearly returns and tempt users by offering speedy refunds. These emails request that the tax filer provide more information such as verification of SSN, bank account numbers and a host of other personal information. To make the email appear even more legitimate, web links may be present that appear to be directed to popular tax preparation sites, along with graphics and other company information. Falling for one of these scams can lead to pilfering of bank accounts, fraudulent tax filings and identity theft.
If you receive an email that appears to coincide with an event currently taking place in your life, such as email migration or tax preparation, approach it with skepticism. Verify the sender by calling them using the customer service agent numbers listed on the company’s website, not the one listed in the email. Don’t follow the links in the email, but instead navigate manually to the company’s website to access your account.
Remember that when it comes to your identity and your money, you can never be too safe.
—Joe Klemencic, Fermilab computer security coordinator